| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base_paths.h" | 10 #include "base/base_paths.h" |
| (...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 372 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); | 372 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); |
| 373 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); | 373 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); |
| 374 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); | 374 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 375 EXPECT_CALL(item, GetTabReferrerUrl()) | 375 EXPECT_CALL(item, GetTabReferrerUrl()) |
| 376 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); | 376 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 377 download_service_->CheckClientDownload( | 377 download_service_->CheckClientDownload( |
| 378 &item, | 378 &item, |
| 379 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 379 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 380 base::Unretained(this))); | 380 base::Unretained(this))); |
| 381 MessageLoop::current()->Run(); | 381 MessageLoop::current()->Run(); |
| 382 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 382 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 383 Mock::VerifyAndClearExpectations(&item); | 383 Mock::VerifyAndClearExpectations(&item); |
| 384 | 384 |
| 385 url_chain.push_back(GURL("file://www.google.com/")); | 385 url_chain.push_back(GURL("file://www.google.com/")); |
| 386 EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp)); | 386 EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp)); |
| 387 EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_exe)); | 387 EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_exe)); |
| 388 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); | 388 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); |
| 389 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); | 389 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); |
| 390 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); | 390 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 391 EXPECT_CALL(item, GetTabReferrerUrl()) | 391 EXPECT_CALL(item, GetTabReferrerUrl()) |
| 392 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); | 392 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 393 download_service_->CheckClientDownload( | 393 download_service_->CheckClientDownload( |
| 394 &item, | 394 &item, |
| 395 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 395 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 396 base::Unretained(this))); | 396 base::Unretained(this))); |
| 397 MessageLoop::current()->Run(); | 397 MessageLoop::current()->Run(); |
| 398 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 398 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 399 } |
| 400 |
| 401 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadNotABinary) { |
| 402 base::FilePath a_tmp(FILE_PATH_LITERAL("a.tmp")); |
| 403 base::FilePath a_txt(FILE_PATH_LITERAL("a.txt")); |
| 404 std::vector<GURL> url_chain; |
| 405 GURL referrer("http://www.google.com/"); |
| 406 |
| 407 content::MockDownloadItem item; |
| 408 url_chain.push_back(GURL("http://www.example.com/foo")); |
| 409 EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp)); |
| 410 EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_txt)); |
| 411 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); |
| 412 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); |
| 413 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 414 EXPECT_CALL(item, GetTabReferrerUrl()) |
| 415 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 416 download_service_->CheckClientDownload( |
| 417 &item, |
| 418 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 419 base::Unretained(this))); |
| 420 MessageLoop::current()->Run(); |
| 421 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 399 } | 422 } |
| 400 | 423 |
| 401 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadWhitelistedUrl) { | 424 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadWhitelistedUrl) { |
| 402 // Response to any requests will be DANGEROUS. | 425 // Response to any requests will be DANGEROUS. |
| 403 ClientDownloadResponse response; | 426 ClientDownloadResponse response; |
| 404 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 427 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 405 net::FakeURLFetcherFactory factory(NULL); | 428 net::FakeURLFetcherFactory factory(NULL); |
| 406 factory.SetFakeResponse( | 429 factory.SetFakeResponse( |
| 407 DownloadProtectionService::GetDownloadRequestUrl(), | 430 DownloadProtectionService::GetDownloadRequestUrl(), |
| 408 response.SerializeAsString(), | 431 response.SerializeAsString(), |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 444 // With no referrer and just the bad url, should be marked DANGEROUS. | 467 // With no referrer and just the bad url, should be marked DANGEROUS. |
| 445 url_chain.push_back(GURL("http://www.evil.com/bla.exe")); | 468 url_chain.push_back(GURL("http://www.evil.com/bla.exe")); |
| 446 download_service_->CheckClientDownload( | 469 download_service_->CheckClientDownload( |
| 447 &item, | 470 &item, |
| 448 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 471 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 449 base::Unretained(this))); | 472 base::Unretained(this))); |
| 450 MessageLoop::current()->Run(); | 473 MessageLoop::current()->Run(); |
| 451 #if defined(OS_WIN) | 474 #if defined(OS_WIN) |
| 452 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 475 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 453 #else | 476 #else |
| 454 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 477 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 455 #endif | 478 #endif |
| 456 | 479 |
| 457 // Check that the referrer is not matched against the whitelist. | 480 // Check that the referrer is not matched against the whitelist. |
| 458 referrer = GURL("http://www.google.com/"); | 481 referrer = GURL("http://www.google.com/"); |
| 459 download_service_->CheckClientDownload( | 482 download_service_->CheckClientDownload( |
| 460 &item, | 483 &item, |
| 461 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 484 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 462 base::Unretained(this))); | 485 base::Unretained(this))); |
| 463 MessageLoop::current()->Run(); | 486 MessageLoop::current()->Run(); |
| 464 #if defined(OS_WIN) | 487 #if defined(OS_WIN) |
| 465 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 488 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 466 #else | 489 #else |
| 467 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 490 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 468 #endif | 491 #endif |
| 469 | 492 |
| 470 // Redirect from a site shouldn't be checked either. | 493 // Redirect from a site shouldn't be checked either. |
| 471 url_chain.insert(url_chain.begin(), GURL("http://www.google.com/redirect")); | 494 url_chain.insert(url_chain.begin(), GURL("http://www.google.com/redirect")); |
| 472 download_service_->CheckClientDownload( | 495 download_service_->CheckClientDownload( |
| 473 &item, | 496 &item, |
| 474 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 497 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 475 base::Unretained(this))); | 498 base::Unretained(this))); |
| 476 MessageLoop::current()->Run(); | 499 MessageLoop::current()->Run(); |
| 477 #if defined(OS_WIN) | 500 #if defined(OS_WIN) |
| 478 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 501 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 479 #else | 502 #else |
| 480 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 503 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 481 #endif | 504 #endif |
| 482 | 505 |
| 483 // Only if the final url is whitelisted should it be SAFE. | 506 // Only if the final url is whitelisted should it be SAFE. |
| 484 url_chain.push_back(GURL("http://www.google.com/a.exe")); | 507 url_chain.push_back(GURL("http://www.google.com/a.exe")); |
| 485 download_service_->CheckClientDownload( | 508 download_service_->CheckClientDownload( |
| 486 &item, | 509 &item, |
| 487 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 510 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 488 base::Unretained(this))); | 511 base::Unretained(this))); |
| 489 MessageLoop::current()->Run(); | 512 MessageLoop::current()->Run(); |
| 490 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 513 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 521 MatchDownloadWhitelistUrl(_)) | 544 MatchDownloadWhitelistUrl(_)) |
| 522 .WillRepeatedly(Return(false)); | 545 .WillRepeatedly(Return(false)); |
| 523 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(a_tmp, _)); | 546 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(a_tmp, _)); |
| 524 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)); | 547 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)); |
| 525 | 548 |
| 526 download_service_->CheckClientDownload( | 549 download_service_->CheckClientDownload( |
| 527 &item, | 550 &item, |
| 528 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 551 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 529 base::Unretained(this))); | 552 base::Unretained(this))); |
| 530 MessageLoop::current()->Run(); | 553 MessageLoop::current()->Run(); |
| 531 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 554 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 532 } | 555 } |
| 533 | 556 |
| 534 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) { | 557 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) { |
| 535 ClientDownloadResponse response; | 558 ClientDownloadResponse response; |
| 536 response.set_verdict(ClientDownloadResponse::SAFE); | 559 response.set_verdict(ClientDownloadResponse::SAFE); |
| 537 net::FakeURLFetcherFactory factory(NULL); | 560 net::FakeURLFetcherFactory factory(NULL); |
| 538 // Empty response means SAFE. | 561 // Empty response means SAFE. |
| 539 factory.SetFakeResponse( | 562 factory.SetFakeResponse( |
| 540 DownloadProtectionService::GetDownloadRequestUrl(), | 563 DownloadProtectionService::GetDownloadRequestUrl(), |
| 541 response.SerializeAsString(), | 564 response.SerializeAsString(), |
| (...skipping 25 matching lines...) Expand all Loading... |
| 567 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(a_tmp, _)) | 590 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(a_tmp, _)) |
| 568 .Times(6); | 591 .Times(6); |
| 569 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)) | 592 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)) |
| 570 .Times(6); | 593 .Times(6); |
| 571 | 594 |
| 572 download_service_->CheckClientDownload( | 595 download_service_->CheckClientDownload( |
| 573 &item, | 596 &item, |
| 574 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 597 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 575 base::Unretained(this))); | 598 base::Unretained(this))); |
| 576 MessageLoop::current()->Run(); | 599 MessageLoop::current()->Run(); |
| 600 #if defined(OS_WIN) |
| 577 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 601 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); |
| 602 #else |
| 603 // On !OS_WIN, no file types are currently supported. Hence all erquests to |
| 604 // CheckClientDownload() result in a verdict of UNKNOWN. |
| 605 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 606 #endif |
| 578 | 607 |
| 579 // Invalid response should be safe too. | 608 // Invalid response should result in UNKNOWN. |
| 580 response.Clear(); | 609 response.Clear(); |
| 581 factory.SetFakeResponse( | 610 factory.SetFakeResponse( |
| 582 DownloadProtectionService::GetDownloadRequestUrl(), | 611 DownloadProtectionService::GetDownloadRequestUrl(), |
| 583 response.SerializePartialAsString(), | 612 response.SerializePartialAsString(), |
| 584 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 613 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 585 | 614 |
| 586 download_service_->CheckClientDownload( | 615 download_service_->CheckClientDownload( |
| 587 &item, | 616 &item, |
| 588 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 617 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 589 base::Unretained(this))); | 618 base::Unretained(this))); |
| 590 MessageLoop::current()->Run(); | 619 MessageLoop::current()->Run(); |
| 591 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 620 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 592 std::string feedback_ping; | 621 std::string feedback_ping; |
| 593 std::string feedback_response; | 622 std::string feedback_response; |
| 594 EXPECT_FALSE(DownloadFeedbackService::GetPingsForDownloadForTesting( | 623 EXPECT_FALSE(DownloadFeedbackService::GetPingsForDownloadForTesting( |
| 595 item, &feedback_ping, &feedback_response)); | 624 item, &feedback_ping, &feedback_response)); |
| 596 | 625 |
| 597 // If the response is dangerous the result should also be marked as dangerous. | 626 // If the response is dangerous the result should also be marked as dangerous. |
| 598 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 627 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 599 factory.SetFakeResponse( | 628 factory.SetFakeResponse( |
| 600 DownloadProtectionService::GetDownloadRequestUrl(), | 629 DownloadProtectionService::GetDownloadRequestUrl(), |
| 601 response.SerializeAsString(), | 630 response.SerializeAsString(), |
| 602 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 631 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 603 | 632 |
| 604 download_service_->CheckClientDownload( | 633 download_service_->CheckClientDownload( |
| 605 &item, | 634 &item, |
| 606 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 635 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 607 base::Unretained(this))); | 636 base::Unretained(this))); |
| 608 MessageLoop::current()->Run(); | 637 MessageLoop::current()->Run(); |
| 609 EXPECT_FALSE(DownloadFeedbackService::GetPingsForDownloadForTesting( | 638 EXPECT_FALSE(DownloadFeedbackService::GetPingsForDownloadForTesting( |
| 610 item, &feedback_ping, &feedback_response)); | 639 item, &feedback_ping, &feedback_response)); |
| 611 #if defined(OS_WIN) | 640 #if defined(OS_WIN) |
| 612 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 641 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 613 #else | 642 #else |
| 614 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 643 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 615 #endif | 644 #endif |
| 616 | 645 |
| 617 // If the response is uncommon the result should also be marked as uncommon. | 646 // If the response is uncommon the result should also be marked as uncommon. |
| 618 response.set_verdict(ClientDownloadResponse::UNCOMMON); | 647 response.set_verdict(ClientDownloadResponse::UNCOMMON); |
| 619 factory.SetFakeResponse( | 648 factory.SetFakeResponse( |
| 620 DownloadProtectionService::GetDownloadRequestUrl(), | 649 DownloadProtectionService::GetDownloadRequestUrl(), |
| 621 response.SerializeAsString(), | 650 response.SerializeAsString(), |
| 622 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 651 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 623 | 652 |
| 624 download_service_->CheckClientDownload( | 653 download_service_->CheckClientDownload( |
| 625 &item, | 654 &item, |
| 626 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 655 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 627 base::Unretained(this))); | 656 base::Unretained(this))); |
| 628 MessageLoop::current()->Run(); | 657 MessageLoop::current()->Run(); |
| 629 #if defined(OS_WIN) | 658 #if defined(OS_WIN) |
| 630 EXPECT_TRUE(IsResult(DownloadProtectionService::UNCOMMON)); | 659 EXPECT_TRUE(IsResult(DownloadProtectionService::UNCOMMON)); |
| 631 EXPECT_TRUE(DownloadFeedbackService::GetPingsForDownloadForTesting( | 660 EXPECT_TRUE(DownloadFeedbackService::GetPingsForDownloadForTesting( |
| 632 item, &feedback_ping, &feedback_response)); | 661 item, &feedback_ping, &feedback_response)); |
| 633 ClientDownloadRequest decoded_request; | 662 ClientDownloadRequest decoded_request; |
| 634 EXPECT_TRUE(decoded_request.ParseFromString(feedback_ping)); | 663 EXPECT_TRUE(decoded_request.ParseFromString(feedback_ping)); |
| 635 EXPECT_EQ(url_chain.back().spec(), decoded_request.url()); | 664 EXPECT_EQ(url_chain.back().spec(), decoded_request.url()); |
| 636 EXPECT_EQ(response.SerializeAsString(), feedback_response); | 665 EXPECT_EQ(response.SerializeAsString(), feedback_response); |
| 637 #else | 666 #else |
| 638 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 667 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 639 #endif | 668 #endif |
| 640 | 669 |
| 641 // If the response is dangerous_host the result should also be marked as | 670 // If the response is dangerous_host the result should also be marked as |
| 642 // dangerous_host. | 671 // dangerous_host. |
| 643 response.set_verdict(ClientDownloadResponse::DANGEROUS_HOST); | 672 response.set_verdict(ClientDownloadResponse::DANGEROUS_HOST); |
| 644 factory.SetFakeResponse( | 673 factory.SetFakeResponse( |
| 645 DownloadProtectionService::GetDownloadRequestUrl(), | 674 DownloadProtectionService::GetDownloadRequestUrl(), |
| 646 response.SerializeAsString(), | 675 response.SerializeAsString(), |
| 647 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 676 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 648 | 677 |
| 649 download_service_->CheckClientDownload( | 678 download_service_->CheckClientDownload( |
| 650 &item, | 679 &item, |
| 651 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 680 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 652 base::Unretained(this))); | 681 base::Unretained(this))); |
| 653 MessageLoop::current()->Run(); | 682 MessageLoop::current()->Run(); |
| 654 #if defined(OS_WIN) | 683 #if defined(OS_WIN) |
| 655 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS_HOST)); | 684 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS_HOST)); |
| 656 EXPECT_TRUE(DownloadFeedbackService::GetPingsForDownloadForTesting( | 685 EXPECT_TRUE(DownloadFeedbackService::GetPingsForDownloadForTesting( |
| 657 item, &feedback_ping, &feedback_response)); | 686 item, &feedback_ping, &feedback_response)); |
| 658 EXPECT_EQ(response.SerializeAsString(), feedback_response); | 687 EXPECT_EQ(response.SerializeAsString(), feedback_response); |
| 659 #else | 688 #else |
| 660 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 689 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 661 #endif | 690 #endif |
| 662 | 691 |
| 663 // If the response is POTENTIALLY_UNWANTED the result should also be marked as | 692 // If the response is POTENTIALLY_UNWANTED the result should also be marked as |
| 664 // POTENTIALLY_UNWANTED. | 693 // POTENTIALLY_UNWANTED. |
| 665 response.set_verdict(ClientDownloadResponse::POTENTIALLY_UNWANTED); | 694 response.set_verdict(ClientDownloadResponse::POTENTIALLY_UNWANTED); |
| 666 factory.SetFakeResponse( | 695 factory.SetFakeResponse( |
| 667 DownloadProtectionService::GetDownloadRequestUrl(), | 696 DownloadProtectionService::GetDownloadRequestUrl(), |
| 668 response.SerializeAsString(), | 697 response.SerializeAsString(), |
| 669 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 698 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 670 | 699 |
| 671 download_service_->CheckClientDownload( | 700 download_service_->CheckClientDownload( |
| 672 &item, | 701 &item, |
| 673 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 702 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 674 base::Unretained(this))); | 703 base::Unretained(this))); |
| 675 MessageLoop::current()->Run(); | 704 MessageLoop::current()->Run(); |
| 676 #if defined(OS_WIN) | 705 #if defined(OS_WIN) |
| 677 EXPECT_TRUE(IsResult(DownloadProtectionService::POTENTIALLY_UNWANTED)); | 706 EXPECT_TRUE(IsResult(DownloadProtectionService::POTENTIALLY_UNWANTED)); |
| 678 #else | 707 #else |
| 679 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 708 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 680 #endif | 709 #endif |
| 681 } | 710 } |
| 682 | 711 |
| 683 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadHTTPS) { | 712 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadHTTPS) { |
| 684 ClientDownloadResponse response; | 713 ClientDownloadResponse response; |
| 685 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 714 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 686 net::FakeURLFetcherFactory factory(NULL); | 715 net::FakeURLFetcherFactory factory(NULL); |
| 687 factory.SetFakeResponse( | 716 factory.SetFakeResponse( |
| 688 DownloadProtectionService::GetDownloadRequestUrl(), | 717 DownloadProtectionService::GetDownloadRequestUrl(), |
| 689 response.SerializeAsString(), | 718 response.SerializeAsString(), |
| (...skipping 28 matching lines...) Expand all Loading... |
| 718 .Times(1); | 747 .Times(1); |
| 719 | 748 |
| 720 download_service_->CheckClientDownload( | 749 download_service_->CheckClientDownload( |
| 721 &item, | 750 &item, |
| 722 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 751 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 723 base::Unretained(this))); | 752 base::Unretained(this))); |
| 724 MessageLoop::current()->Run(); | 753 MessageLoop::current()->Run(); |
| 725 #if defined(OS_WIN) | 754 #if defined(OS_WIN) |
| 726 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 755 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 727 #else | 756 #else |
| 728 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 757 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 729 #endif | 758 #endif |
| 730 } | 759 } |
| 731 | 760 |
| 732 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { | 761 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { |
| 733 ClientDownloadResponse response; | 762 ClientDownloadResponse response; |
| 734 response.set_verdict(ClientDownloadResponse::SAFE); | 763 response.set_verdict(ClientDownloadResponse::SAFE); |
| 735 net::FakeURLFetcherFactory factory(NULL); | 764 net::FakeURLFetcherFactory factory(NULL); |
| 736 // Empty response means SAFE. | 765 // Empty response means SAFE. |
| 737 factory.SetFakeResponse( | 766 factory.SetFakeResponse( |
| 738 DownloadProtectionService::GetDownloadRequestUrl(), | 767 DownloadProtectionService::GetDownloadRequestUrl(), |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 770 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( | 799 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( |
| 771 zip_source_dir.path().Append(FILE_PATH_LITERAL("file.txt")), | 800 zip_source_dir.path().Append(FILE_PATH_LITERAL("file.txt")), |
| 772 file_contents.data(), file_contents.size())); | 801 file_contents.data(), file_contents.size())); |
| 773 ASSERT_TRUE(zip::Zip(zip_source_dir.path(), a_tmp, false)); | 802 ASSERT_TRUE(zip::Zip(zip_source_dir.path(), a_tmp, false)); |
| 774 | 803 |
| 775 download_service_->CheckClientDownload( | 804 download_service_->CheckClientDownload( |
| 776 &item, | 805 &item, |
| 777 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 806 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 778 base::Unretained(this))); | 807 base::Unretained(this))); |
| 779 MessageLoop::current()->Run(); | 808 MessageLoop::current()->Run(); |
| 780 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 809 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 781 Mock::VerifyAndClearExpectations(sb_service_.get()); | 810 Mock::VerifyAndClearExpectations(sb_service_.get()); |
| 782 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | 811 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); |
| 783 | 812 |
| 784 // Now check with an executable in the zip file as well. | 813 // Now check with an executable in the zip file as well. |
| 785 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( | 814 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( |
| 786 zip_source_dir.path().Append(FILE_PATH_LITERAL("file.exe")), | 815 zip_source_dir.path().Append(FILE_PATH_LITERAL("file.exe")), |
| 787 file_contents.data(), file_contents.size())); | 816 file_contents.data(), file_contents.size())); |
| 788 ASSERT_TRUE(zip::Zip(zip_source_dir.path(), a_tmp, false)); | 817 ASSERT_TRUE(zip::Zip(zip_source_dir.path(), a_tmp, false)); |
| 789 | 818 |
| 790 EXPECT_CALL(*sb_service_->mock_database_manager(), | 819 EXPECT_CALL(*sb_service_->mock_database_manager(), |
| 791 MatchDownloadWhitelistUrl(_)) | 820 MatchDownloadWhitelistUrl(_)) |
| 792 .WillRepeatedly(Return(false)); | 821 .WillRepeatedly(Return(false)); |
| 793 | 822 |
| 794 download_service_->CheckClientDownload( | 823 download_service_->CheckClientDownload( |
| 795 &item, | 824 &item, |
| 796 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 825 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 797 base::Unretained(this))); | 826 base::Unretained(this))); |
| 798 MessageLoop::current()->Run(); | 827 MessageLoop::current()->Run(); |
| 828 #if defined(OS_WIN) |
| 799 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 829 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); |
| 830 #else |
| 831 // For !OS_WIN, no file types are currently supported. Hence the resulting |
| 832 // verdict is UNKNOWN. |
| 833 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 834 #endif |
| 800 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | 835 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); |
| 801 | 836 |
| 802 // If the response is dangerous the result should also be marked as | 837 // If the response is dangerous the result should also be marked as |
| 803 // dangerous. | 838 // dangerous. |
| 804 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 839 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 805 factory.SetFakeResponse( | 840 factory.SetFakeResponse( |
| 806 DownloadProtectionService::GetDownloadRequestUrl(), | 841 DownloadProtectionService::GetDownloadRequestUrl(), |
| 807 response.SerializeAsString(), | 842 response.SerializeAsString(), |
| 808 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 843 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 809 | 844 |
| 810 download_service_->CheckClientDownload( | 845 download_service_->CheckClientDownload( |
| 811 &item, | 846 &item, |
| 812 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 847 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 813 base::Unretained(this))); | 848 base::Unretained(this))); |
| 814 MessageLoop::current()->Run(); | 849 MessageLoop::current()->Run(); |
| 815 #if defined(OS_WIN) | 850 #if defined(OS_WIN) |
| 816 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 851 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 817 #else | 852 #else |
| 818 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 853 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 819 #endif | 854 #endif |
| 820 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | 855 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); |
| 821 } | 856 } |
| 822 | 857 |
| 823 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadCorruptZip) { | 858 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadCorruptZip) { |
| 824 base::ScopedTempDir download_dir; | 859 base::ScopedTempDir download_dir; |
| 825 ASSERT_TRUE(download_dir.CreateUniqueTempDir()); | 860 ASSERT_TRUE(download_dir.CreateUniqueTempDir()); |
| 826 | 861 |
| 827 base::FilePath a_tmp(download_dir.path().Append(FILE_PATH_LITERAL("a.tmp"))); | 862 base::FilePath a_tmp(download_dir.path().Append(FILE_PATH_LITERAL("a.tmp"))); |
| 828 base::FilePath a_zip(FILE_PATH_LITERAL("a.zip")); | 863 base::FilePath a_zip(FILE_PATH_LITERAL("a.zip")); |
| (...skipping 17 matching lines...) Expand all Loading... |
| 846 | 881 |
| 847 std::string file_contents = "corrupt zip file"; | 882 std::string file_contents = "corrupt zip file"; |
| 848 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( | 883 ASSERT_EQ(static_cast<int>(file_contents.size()), base::WriteFile( |
| 849 a_tmp, file_contents.data(), file_contents.size())); | 884 a_tmp, file_contents.data(), file_contents.size())); |
| 850 | 885 |
| 851 download_service_->CheckClientDownload( | 886 download_service_->CheckClientDownload( |
| 852 &item, | 887 &item, |
| 853 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 888 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 854 base::Unretained(this))); | 889 base::Unretained(this))); |
| 855 MessageLoop::current()->Run(); | 890 MessageLoop::current()->Run(); |
| 856 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 891 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 857 Mock::VerifyAndClearExpectations(sb_service_.get()); | 892 Mock::VerifyAndClearExpectations(sb_service_.get()); |
| 858 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | 893 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); |
| 859 } | 894 } |
| 860 | 895 |
| 861 TEST_F(DownloadProtectionServiceTest, CheckClientCrxDownloadSuccess) { | 896 TEST_F(DownloadProtectionServiceTest, CheckClientCrxDownloadSuccess) { |
| 862 ClientDownloadResponse response; | 897 ClientDownloadResponse response; |
| 863 // Even if the server verdict is dangerous we should return SAFE because | 898 // Even if the server verdict is dangerous we should return SAFE because |
| 864 // DownloadProtectionService::IsSupportedDownload() will return false | 899 // DownloadProtectionService::IsSupportedDownload() will return false |
| 865 // for crx downloads. | 900 // for crx downloads. |
| 866 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 901 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 898 .Times(1); | 933 .Times(1); |
| 899 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)) | 934 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)) |
| 900 .Times(1); | 935 .Times(1); |
| 901 | 936 |
| 902 EXPECT_FALSE(download_service_->IsSupportedDownload(item, a_crx)); | 937 EXPECT_FALSE(download_service_->IsSupportedDownload(item, a_crx)); |
| 903 download_service_->CheckClientDownload( | 938 download_service_->CheckClientDownload( |
| 904 &item, | 939 &item, |
| 905 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 940 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 906 base::Unretained(this))); | 941 base::Unretained(this))); |
| 907 MessageLoop::current()->Run(); | 942 MessageLoop::current()->Run(); |
| 908 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 943 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 909 } | 944 } |
| 910 | 945 |
| 911 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequest) { | 946 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequest) { |
| 912 net::TestURLFetcherFactory factory; | 947 net::TestURLFetcherFactory factory; |
| 913 | 948 |
| 914 base::FilePath tmp_path(FILE_PATH_LITERAL("bla.tmp")); | 949 base::FilePath tmp_path(FILE_PATH_LITERAL("bla.tmp")); |
| 915 base::FilePath final_path(FILE_PATH_LITERAL("bla.exe")); | 950 base::FilePath final_path(FILE_PATH_LITERAL("bla.exe")); |
| 916 std::vector<GURL> url_chain; | 951 std::vector<GURL> url_chain; |
| 917 url_chain.push_back(GURL("http://www.google.com/")); | 952 url_chain.push_back(GURL("http://www.google.com/")); |
| 918 url_chain.push_back(GURL("http://www.google.com/bla.exe")); | 953 url_chain.push_back(GURL("http://www.google.com/bla.exe")); |
| (...skipping 428 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1347 | 1382 |
| 1348 download_service_->download_request_timeout_ms_ = 10; | 1383 download_service_->download_request_timeout_ms_ = 10; |
| 1349 download_service_->CheckClientDownload( | 1384 download_service_->CheckClientDownload( |
| 1350 &item, | 1385 &item, |
| 1351 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 1386 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 1352 base::Unretained(this))); | 1387 base::Unretained(this))); |
| 1353 | 1388 |
| 1354 // The request should time out because the HTTP request hasn't returned | 1389 // The request should time out because the HTTP request hasn't returned |
| 1355 // anything yet. | 1390 // anything yet. |
| 1356 MessageLoop::current()->Run(); | 1391 MessageLoop::current()->Run(); |
| 1357 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 1392 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 1358 } | 1393 } |
| 1359 | 1394 |
| 1360 TEST_F(DownloadProtectionServiceTest, TestDownloadItemDestroyed) { | 1395 TEST_F(DownloadProtectionServiceTest, TestDownloadItemDestroyed) { |
| 1361 net::TestURLFetcherFactory factory; | 1396 net::TestURLFetcherFactory factory; |
| 1362 | 1397 |
| 1363 std::vector<GURL> url_chain; | 1398 std::vector<GURL> url_chain; |
| 1364 url_chain.push_back(GURL("http://www.evil.com/bla.exe")); | 1399 url_chain.push_back(GURL("http://www.evil.com/bla.exe")); |
| 1365 GURL referrer("http://www.google.com/"); | 1400 GURL referrer("http://www.google.com/"); |
| 1366 base::FilePath tmp_path(FILE_PATH_LITERAL("a.tmp")); | 1401 base::FilePath tmp_path(FILE_PATH_LITERAL("a.tmp")); |
| 1367 base::FilePath final_path(FILE_PATH_LITERAL("a.exe")); | 1402 base::FilePath final_path(FILE_PATH_LITERAL("a.exe")); |
| (...skipping 22 matching lines...) Expand all Loading... |
| 1390 ExtractImageHeaders(tmp_path, _)); | 1425 ExtractImageHeaders(tmp_path, _)); |
| 1391 | 1426 |
| 1392 download_service_->CheckClientDownload( | 1427 download_service_->CheckClientDownload( |
| 1393 &item, | 1428 &item, |
| 1394 base::Bind(&DownloadProtectionServiceTest::SyncCheckDoneCallback, | 1429 base::Bind(&DownloadProtectionServiceTest::SyncCheckDoneCallback, |
| 1395 base::Unretained(this))); | 1430 base::Unretained(this))); |
| 1396 // MockDownloadItem going out of scope triggers the OnDownloadDestroyed | 1431 // MockDownloadItem going out of scope triggers the OnDownloadDestroyed |
| 1397 // notification. | 1432 // notification. |
| 1398 } | 1433 } |
| 1399 | 1434 |
| 1400 EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE)); | 1435 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 1401 } | 1436 } |
| 1402 | 1437 |
| 1403 TEST_F(DownloadProtectionServiceTest, GetCertificateWhitelistStrings) { | 1438 TEST_F(DownloadProtectionServiceTest, GetCertificateWhitelistStrings) { |
| 1404 // We'll pass this cert in as the "issuer", even though it isn't really | 1439 // We'll pass this cert in as the "issuer", even though it isn't really |
| 1405 // used to sign the certs below. GetCertificateWhitelistStirngs doesn't care | 1440 // used to sign the certs below. GetCertificateWhitelistStirngs doesn't care |
| 1406 // about this. | 1441 // about this. |
| 1407 scoped_refptr<net::X509Certificate> issuer_cert( | 1442 scoped_refptr<net::X509Certificate> issuer_cert( |
| 1408 ReadTestCertificate("issuer.pem")); | 1443 ReadTestCertificate("issuer.pem")); |
| 1409 ASSERT_TRUE(issuer_cert.get()); | 1444 ASSERT_TRUE(issuer_cert.get()); |
| 1410 std::string cert_base = "cert/" + base::HexEncode( | 1445 std::string cert_base = "cert/" + base::HexEncode( |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1479 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); | 1514 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); |
| 1480 | 1515 |
| 1481 cert = ReadTestCertificate("test_c.pem"); | 1516 cert = ReadTestCertificate("test_c.pem"); |
| 1482 ASSERT_TRUE(cert.get()); | 1517 ASSERT_TRUE(cert.get()); |
| 1483 whitelist_strings.clear(); | 1518 whitelist_strings.clear(); |
| 1484 GetCertificateWhitelistStrings( | 1519 GetCertificateWhitelistStrings( |
| 1485 *cert.get(), *issuer_cert.get(), &whitelist_strings); | 1520 *cert.get(), *issuer_cert.get(), &whitelist_strings); |
| 1486 EXPECT_THAT(whitelist_strings, ElementsAre()); | 1521 EXPECT_THAT(whitelist_strings, ElementsAre()); |
| 1487 } | 1522 } |
| 1488 } // namespace safe_browsing | 1523 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 565053002:
[Downloads] Gracefully handle SafeBrowsing check failures. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master