Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(208)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/extensions/external_registry_loader_win.cc

Issue 479513004: Prevent extension sideloading from Windows registry (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/app/generated_resources.grd ('K') | « chrome/browser/extensions/external_provider_impl.cc ('k') | extensions/common/extension.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/external_registry_loader_win.h" 5 #include "chrome/browser/extensions/external_registry_loader_win.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/file_util.h" 8 #include "base/file_util.h"
9 #include "base/files/file_path.h" 9 #include "base/files/file_path.h"
10 #include "base/files/scoped_file.h" 10 #include "base/files/scoped_file.h"
11 #include "base/metrics/histogram.h" 11 #include "base/metrics/histogram.h"
12 #include "base/strings/string_util.h" 12 #include "base/strings/string_util.h"
13 #include "base/strings/stringprintf.h"
13 #include "base/strings/utf_string_conversions.h" 14 #include "base/strings/utf_string_conversions.h"
14 #include "base/time/time.h" 15 #include "base/time/time.h"
15 #include "base/values.h" 16 #include "base/values.h"
16 #include "base/version.h" 17 #include "base/version.h"
17 #include "base/win/registry.h" 18 #include "base/win/registry.h"
18 #include "chrome/browser/extensions/external_provider_impl.h" 19 #include "chrome/browser/extensions/external_provider_impl.h"
19 #include "content/public/browser/browser_thread.h" 20 #include "content/public/browser/browser_thread.h"
20 #include "extensions/common/extension.h" 21 #include "extensions/common/extension.h"
21 22
22 using content::BrowserThread; 23 using content::BrowserThread;
(...skipping 13 matching lines...) Expand all
36 const wchar_t kRegistryExtensionVersion[] = L"version"; 37 const wchar_t kRegistryExtensionVersion[] = L"version";
37 38
38 // Registry value of the key that defines an external update URL. 39 // Registry value of the key that defines an external update URL.
39 const wchar_t kRegistryExtensionUpdateUrl[] = L"update_url"; 40 const wchar_t kRegistryExtensionUpdateUrl[] = L"update_url";
40 41
41 bool CanOpenFileForReading(const base::FilePath& path) { 42 bool CanOpenFileForReading(const base::FilePath& path) {
42 base::ScopedFILE file_handle(base::OpenFile(path, "rb")); 43 base::ScopedFILE file_handle(base::OpenFile(path, "rb"));
43 return file_handle.get() != NULL; 44 return file_handle.get() != NULL;
44 } 45 }
45 46
47 std::string MakePrefName(const std::string& extension_id,
48 const std::string& pref_name) {
49 return base::StringPrintf("%s.%s", extension_id.c_str(), pref_name.c_str());
50 }
51
46 } // namespace 52 } // namespace
47 53
48 namespace extensions { 54 namespace extensions {
49 55
50 void ExternalRegistryLoader::StartLoading() { 56 void ExternalRegistryLoader::StartLoading() {
51 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 57 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
52 BrowserThread::PostTask( 58 BrowserThread::PostTask(
53 BrowserThread::FILE, FROM_HERE, 59 BrowserThread::FILE, FROM_HERE,
54 base::Bind(&ExternalRegistryLoader::LoadOnFileThread, this)); 60 base::Bind(&ExternalRegistryLoader::LoadOnFileThread, this));
55 } 61 }
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
93 base::StringToLowerASCII(&id); 99 base::StringToLowerASCII(&id);
94 if (!Extension::IdIsValid(id)) { 100 if (!Extension::IdIsValid(id)) {
95 LOG(ERROR) << "Invalid id value " << id 101 LOG(ERROR) << "Invalid id value " << id
96 << " for key " << key_path << "."; 102 << " for key " << key_path << ".";
97 continue; 103 continue;
98 } 104 }
99 105
100 base::string16 extension_dist_id; 106 base::string16 extension_dist_id;
101 if (key.ReadValue(kRegistryExtensionInstallParam, &extension_dist_id) == 107 if (key.ReadValue(kRegistryExtensionInstallParam, &extension_dist_id) ==
102 ERROR_SUCCESS) { 108 ERROR_SUCCESS) {
103 prefs->SetString(id + "." + ExternalProviderImpl::kInstallParam, 109 prefs->SetString(MakePrefName(id, ExternalProviderImpl::kInstallParam),
104 base::UTF16ToASCII(extension_dist_id)); 110 base::UTF16ToASCII(extension_dist_id));
105 } 111 }
106 112
107 // If there is an update URL present, copy it to prefs and ignore 113 // If there is an update URL present, copy it to prefs and ignore
108 // path and version keys for this entry. 114 // path and version keys for this entry.
109 base::string16 extension_update_url; 115 base::string16 extension_update_url;
110 if (key.ReadValue(kRegistryExtensionUpdateUrl, &extension_update_url) 116 if (key.ReadValue(kRegistryExtensionUpdateUrl, &extension_update_url)
111 == ERROR_SUCCESS) { 117 == ERROR_SUCCESS) {
112 prefs->SetString( 118 prefs->SetString(
113 id + "." + ExternalProviderImpl::kExternalUpdateUrl, 119 MakePrefName(id, ExternalProviderImpl::kExternalUpdateUrl),
114 base::UTF16ToASCII(extension_update_url)); 120 base::UTF16ToASCII(extension_update_url));
115 continue; 121 continue;
116 } 122 }
117 123
118 base::string16 extension_path_str; 124 base::string16 extension_path_str;
119 if (key.ReadValue(kRegistryExtensionPath, &extension_path_str) 125 if (key.ReadValue(kRegistryExtensionPath, &extension_path_str)
120 != ERROR_SUCCESS) { 126 != ERROR_SUCCESS) {
121 // TODO(erikkay): find a way to get this into about:extensions 127 // TODO(erikkay): find a way to get this into about:extensions
122 LOG(ERROR) << "Missing value " << kRegistryExtensionPath 128 LOG(ERROR) << "Missing value " << kRegistryExtensionPath
123 << " for key " << key_path << "."; 129 << " for key " << key_path << ".";
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
157 } 163 }
158 164
159 Version version(base::UTF16ToASCII(extension_version)); 165 Version version(base::UTF16ToASCII(extension_version));
160 if (!version.IsValid()) { 166 if (!version.IsValid()) {
161 LOG(ERROR) << "Invalid version value " << extension_version 167 LOG(ERROR) << "Invalid version value " << extension_version
162 << " for key " << key_path << "."; 168 << " for key " << key_path << ".";
163 continue; 169 continue;
164 } 170 }
165 171
166 prefs->SetString( 172 prefs->SetString(
167 id + "." + ExternalProviderImpl::kExternalVersion, 173 MakePrefName(id, ExternalProviderImpl::kExternalVersion),
168 base::UTF16ToASCII(extension_version)); 174 base::UTF16ToASCII(extension_version));
169 prefs->SetString( 175 prefs->SetString(
170 id + "." + ExternalProviderImpl::kExternalCrx, 176 MakePrefName(id, ExternalProviderImpl::kExternalCrx),
171 extension_path_str); 177 extension_path_str);
178 prefs->SetBoolean(
179 MakePrefName(id, ExternalProviderImpl::kMayBeUntrusted),
180 true);
172 } 181 }
173 182
174 prefs_.reset(prefs.release()); 183 prefs_.reset(prefs.release());
175 HISTOGRAM_TIMES("Extensions.ExternalRegistryLoaderWin", 184 HISTOGRAM_TIMES("Extensions.ExternalRegistryLoaderWin",
176 base::TimeTicks::Now() - start_time); 185 base::TimeTicks::Now() - start_time);
177 BrowserThread::PostTask( 186 BrowserThread::PostTask(
178 BrowserThread::UI, FROM_HERE, 187 BrowserThread::UI, FROM_HERE,
179 base::Bind(&ExternalRegistryLoader::LoadFinished, this)); 188 base::Bind(&ExternalRegistryLoader::LoadFinished, this));
180 } 189 }
181 190
182 } // namespace extensions 191 } // namespace extensions
OLDNEW
« chrome/app/generated_resources.grd ('K') | « chrome/browser/extensions/external_provider_impl.cc ('k') | extensions/common/extension.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698