Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(122)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/safe_browsing/database_manager.cc

Issue 611603002: Add the goog-unwanted-shavar list to a new SafeBrowsing PrefixSet. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: nits and cl format Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/safe_browsing/database_manager.h ('k') | chrome/browser/safe_browsing/database_manager_unittest.cc » ('j') | chrome/browser/safe_browsing/safe_browsing_database.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/safe_browsing/database_manager.h" 5 #include "chrome/browser/safe_browsing/database_manager.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after
61 } 61 }
62 62
63 bool IsExpectedThreat( 63 bool IsExpectedThreat(
64 const SBThreatType threat_type, 64 const SBThreatType threat_type,
65 const std::vector<SBThreatType>& expected_threats) { 65 const std::vector<SBThreatType>& expected_threats) {
66 return expected_threats.end() != std::find(expected_threats.begin(), 66 return expected_threats.end() != std::find(expected_threats.begin(),
67 expected_threats.end(), 67 expected_threats.end(),
68 threat_type); 68 threat_type);
69 } 69 }
70 70
71 // Return the list id from the first result in |full_hashes| which matches 71 // Return the severest list id from the results in |full_hashes| which matches
72 // |hash|, or INVALID if none match. 72 // |hash|, or INVALID if none match.
73 safe_browsing_util::ListType GetHashThreatListType( 73 safe_browsing_util::ListType GetHashSeverestThreatListType(
74 const SBFullHash& hash, 74 const SBFullHash& hash,
75 const std::vector<SBFullHashResult>& full_hashes, 75 const std::vector<SBFullHashResult>& full_hashes,
76 size_t* index) { 76 size_t* index) {
77 safe_browsing_util::ListType pending_threat = safe_browsing_util::INVALID;
77 for (size_t i = 0; i < full_hashes.size(); ++i) { 78 for (size_t i = 0; i < full_hashes.size(); ++i) {
78 if (SBFullHashEqual(hash, full_hashes[i].hash)) { 79 if (SBFullHashEqual(hash, full_hashes[i].hash)) {
79 if (index) 80 const safe_browsing_util::ListType threat =
80 *index = i; 81 static_cast<safe_browsing_util::ListType>(full_hashes[i].list_id);
81 return static_cast<safe_browsing_util::ListType>(full_hashes[i].list_id); 82 switch (threat) {
83 case safe_browsing_util::INVALID:
84 // |full_hashes| should never contain INVALID as a |list_id|.
85 NOTREACHED();
86 break;
87 case safe_browsing_util::MALWARE: // Falls through.
88 case safe_browsing_util::PHISH: // Falls through.
89 case safe_browsing_util::BINURL: // Falls through.
90 case safe_browsing_util::CSDWHITELIST: // Falls through.
91 case safe_browsing_util::DOWNLOADWHITELIST: // Falls through.
92 case safe_browsing_util::EXTENSIONBLACKLIST: // Falls through.
93 case safe_browsing_util::SIDEEFFECTFREEWHITELIST: // Falls through.
94 case safe_browsing_util::IPBLACKLIST:
95 if (index)
96 *index = i;
97 return threat;
98 case safe_browsing_util::UNWANTEDURL:
99 // UNWANTEDURL is considered less severe than other threats, keep
100 // looking.
101 pending_threat = threat;
102 if (index)
103 *index = i;
104 break;
105 }
82 } 106 }
83 } 107 }
84 return safe_browsing_util::INVALID; 108 return pending_threat;
85 } 109 }
86 110
87 // Given a URL, compare all the possible host + path full hashes to the set of 111 // Given a URL, compare all the possible host + path full hashes to the set of
88 // provided full hashes. Returns the list id of the a matching result from 112 // provided full hashes. Returns the list id of the severest matching result
89 // |full_hashes|, or INVALID if none match. 113 // from |full_hashes|, or INVALID if none match.
90 safe_browsing_util::ListType GetUrlThreatListType( 114 safe_browsing_util::ListType GetUrlSeverestThreatListType(
91 const GURL& url, 115 const GURL& url,
92 const std::vector<SBFullHashResult>& full_hashes, 116 const std::vector<SBFullHashResult>& full_hashes,
93 size_t* index) { 117 size_t* index) {
94 if (full_hashes.empty()) 118 if (full_hashes.empty())
95 return safe_browsing_util::INVALID; 119 return safe_browsing_util::INVALID;
96 120
97 std::vector<std::string> patterns; 121 std::vector<std::string> patterns;
98 safe_browsing_util::GeneratePatternsToCheck(url, &patterns); 122 safe_browsing_util::GeneratePatternsToCheck(url, &patterns);
99 123
124 safe_browsing_util::ListType pending_threat = safe_browsing_util::INVALID;
100 for (size_t i = 0; i < patterns.size(); ++i) { 125 for (size_t i = 0; i < patterns.size(); ++i) {
101 safe_browsing_util::ListType threat = GetHashThreatListType( 126 safe_browsing_util::ListType threat = GetHashSeverestThreatListType(
102 SBFullHashForString(patterns[i]), full_hashes, index); 127 SBFullHashForString(patterns[i]), full_hashes, index);
103 if (threat != safe_browsing_util::INVALID) 128 switch (threat) {
104 return threat; 129 case safe_browsing_util::INVALID:
130 // Ignore patterns with no matching threat.
131 break;
132 case safe_browsing_util::MALWARE: // Falls through.
133 case safe_browsing_util::PHISH: // Falls through.
134 case safe_browsing_util::BINURL: // Falls through.
135 case safe_browsing_util::CSDWHITELIST: // Falls through.
136 case safe_browsing_util::DOWNLOADWHITELIST: // Falls through.
137 case safe_browsing_util::EXTENSIONBLACKLIST: // Falls through.
138 case safe_browsing_util::SIDEEFFECTFREEWHITELIST: // Falls through.
139 case safe_browsing_util::IPBLACKLIST:
140 return threat;
141 case safe_browsing_util::UNWANTEDURL:
142 // UNWANTEDURL is considered less severe than other threats, keep
143 // looking.
144 pending_threat = threat;
145 break;
146 }
105 } 147 }
106 return safe_browsing_util::INVALID; 148 return pending_threat;
107 } 149 }
108 150
109 SBThreatType GetThreatTypeFromListType(safe_browsing_util::ListType list_type) { 151 SBThreatType GetThreatTypeFromListType(safe_browsing_util::ListType list_type) {
110 switch (list_type) { 152 switch (list_type) {
111 case safe_browsing_util::PHISH: 153 case safe_browsing_util::PHISH:
112 return SB_THREAT_TYPE_URL_PHISHING; 154 return SB_THREAT_TYPE_URL_PHISHING;
113 case safe_browsing_util::MALWARE: 155 case safe_browsing_util::MALWARE:
114 return SB_THREAT_TYPE_URL_MALWARE; 156 return SB_THREAT_TYPE_URL_MALWARE;
157 case safe_browsing_util::UNWANTEDURL:
158 return SB_THREAT_TYPE_URL_UNWANTED;
115 case safe_browsing_util::BINURL: 159 case safe_browsing_util::BINURL:
116 return SB_THREAT_TYPE_BINARY_MALWARE_URL; 160 return SB_THREAT_TYPE_BINARY_MALWARE_URL;
117 case safe_browsing_util::EXTENSIONBLACKLIST: 161 case safe_browsing_util::EXTENSIONBLACKLIST:
118 return SB_THREAT_TYPE_EXTENSION; 162 return SB_THREAT_TYPE_EXTENSION;
119 default: 163 default:
120 DVLOG(1) << "Unknown safe browsing list id " << list_type; 164 DVLOG(1) << "Unknown safe browsing list id " << list_type;
121 return SB_THREAT_TYPE_SAFE; 165 return SB_THREAT_TYPE_SAFE;
122 } 166 }
123 } 167 }
124 168
125 } // namespace 169 } // namespace
126 170
127 // static 171 // static
128 SBThreatType SafeBrowsingDatabaseManager::GetHashThreatType( 172 SBThreatType SafeBrowsingDatabaseManager::GetHashSeverestThreatType(
129 const SBFullHash& hash, 173 const SBFullHash& hash,
130 const std::vector<SBFullHashResult>& full_hashes) { 174 const std::vector<SBFullHashResult>& full_hashes) {
131 return GetThreatTypeFromListType( 175 return GetThreatTypeFromListType(
132 GetHashThreatListType(hash, full_hashes, NULL)); 176 GetHashSeverestThreatListType(hash, full_hashes, NULL));
133 } 177 }
134 178
135 // static 179 // static
136 SBThreatType SafeBrowsingDatabaseManager::GetUrlThreatType( 180 SBThreatType SafeBrowsingDatabaseManager::GetUrlSeverestThreatType(
137 const GURL& url, 181 const GURL& url,
138 const std::vector<SBFullHashResult>& full_hashes, 182 const std::vector<SBFullHashResult>& full_hashes,
139 size_t* index) { 183 size_t* index) {
140 return GetThreatTypeFromListType( 184 return GetThreatTypeFromListType(
141 GetUrlThreatListType(url, full_hashes, index)); 185 GetUrlSeverestThreatListType(url, full_hashes, index));
142 } 186 }
143 187
144 SafeBrowsingDatabaseManager::SafeBrowsingCheck::SafeBrowsingCheck( 188 SafeBrowsingDatabaseManager::SafeBrowsingCheck::SafeBrowsingCheck(
145 const std::vector<GURL>& urls, 189 const std::vector<GURL>& urls,
146 const std::vector<SBFullHash>& full_hashes, 190 const std::vector<SBFullHash>& full_hashes,
147 Client* client, 191 Client* client,
148 safe_browsing_util::ListType check_type, 192 safe_browsing_util::ListType check_type,
149 const std::vector<SBThreatType>& expected_threats) 193 const std::vector<SBThreatType>& expected_threats)
150 : urls(urls), 194 : urls(urls),
151 url_results(urls.size(), SB_THREAT_TYPE_SAFE), 195 url_results(urls.size(), SB_THREAT_TYPE_SAFE),
(...skipping 12 matching lines...) Expand all
164 208
165 void SafeBrowsingDatabaseManager::Client::OnSafeBrowsingResult( 209 void SafeBrowsingDatabaseManager::Client::OnSafeBrowsingResult(
166 const SafeBrowsingCheck& check) { 210 const SafeBrowsingCheck& check) {
167 DCHECK_EQ(check.urls.size(), check.url_results.size()); 211 DCHECK_EQ(check.urls.size(), check.url_results.size());
168 DCHECK_EQ(check.full_hashes.size(), check.full_hash_results.size()); 212 DCHECK_EQ(check.full_hashes.size(), check.full_hash_results.size());
169 if (!check.urls.empty()) { 213 if (!check.urls.empty()) {
170 DCHECK(check.full_hashes.empty()); 214 DCHECK(check.full_hashes.empty());
171 switch (check.check_type) { 215 switch (check.check_type) {
172 case safe_browsing_util::MALWARE: 216 case safe_browsing_util::MALWARE:
173 case safe_browsing_util::PHISH: 217 case safe_browsing_util::PHISH:
218 case safe_browsing_util::UNWANTEDURL:
174 DCHECK_EQ(1u, check.urls.size()); 219 DCHECK_EQ(1u, check.urls.size());
175 OnCheckBrowseUrlResult( 220 OnCheckBrowseUrlResult(
176 check.urls[0], check.url_results[0], check.url_metadata[0]); 221 check.urls[0], check.url_results[0], check.url_metadata[0]);
177 break; 222 break;
178 case safe_browsing_util::BINURL: 223 case safe_browsing_util::BINURL:
179 DCHECK_EQ(check.urls.size(), check.url_results.size()); 224 DCHECK_EQ(check.urls.size(), check.url_results.size());
180 OnCheckDownloadUrlResult( 225 OnCheckDownloadUrlResult(
181 check.urls, 226 check.urls,
182 *std::max_element(check.url_results.begin(), 227 *std::max_element(check.url_results.begin(),
183 check.url_results.end())); 228 check.url_results.end()));
(...skipping 26 matching lines...) Expand all
210 const scoped_refptr<SafeBrowsingService>& service) 255 const scoped_refptr<SafeBrowsingService>& service)
211 : sb_service_(service), 256 : sb_service_(service),
212 database_(NULL), 257 database_(NULL),
213 enabled_(false), 258 enabled_(false),
214 enable_download_protection_(false), 259 enable_download_protection_(false),
215 enable_csd_whitelist_(false), 260 enable_csd_whitelist_(false),
216 enable_download_whitelist_(false), 261 enable_download_whitelist_(false),
217 enable_extension_blacklist_(false), 262 enable_extension_blacklist_(false),
218 enable_side_effect_free_whitelist_(false), 263 enable_side_effect_free_whitelist_(false),
219 enable_ip_blacklist_(false), 264 enable_ip_blacklist_(false),
265 enable_unwanted_software_blacklist_(false),
220 update_in_progress_(false), 266 update_in_progress_(false),
221 database_update_in_progress_(false), 267 database_update_in_progress_(false),
222 closing_database_(false), 268 closing_database_(false),
223 check_timeout_(base::TimeDelta::FromMilliseconds(kCheckTimeoutMs)) { 269 check_timeout_(base::TimeDelta::FromMilliseconds(kCheckTimeoutMs)) {
224 DCHECK(sb_service_.get() != NULL); 270 DCHECK(sb_service_.get() != NULL);
225 271
226 // Android only supports a subset of FULL_SAFE_BROWSING. 272 // Android only supports a subset of FULL_SAFE_BROWSING.
227 // TODO(shess): This shouldn't be OS-driven <http://crbug.com/394379> 273 // TODO(shess): This shouldn't be OS-driven <http://crbug.com/394379>
228 #if !defined(OS_ANDROID) 274 #if !defined(OS_ANDROID)
229 CommandLine* cmdline = CommandLine::ForCurrentProcess(); 275 CommandLine* cmdline = CommandLine::ForCurrentProcess();
(...skipping 16 matching lines...) Expand all
246 !cmdline->HasSwitch(switches::kSbDisableExtensionBlacklist); 292 !cmdline->HasSwitch(switches::kSbDisableExtensionBlacklist);
247 293
248 enable_side_effect_free_whitelist_ = 294 enable_side_effect_free_whitelist_ =
249 prerender::IsSideEffectFreeWhitelistEnabled() && 295 prerender::IsSideEffectFreeWhitelistEnabled() &&
250 !cmdline->HasSwitch(switches::kSbDisableSideEffectFreeWhitelist); 296 !cmdline->HasSwitch(switches::kSbDisableSideEffectFreeWhitelist);
251 297
252 // The client-side IP blacklist feature is tightly integrated with client-side 298 // The client-side IP blacklist feature is tightly integrated with client-side
253 // phishing protection for now. 299 // phishing protection for now.
254 enable_ip_blacklist_ = enable_csd_whitelist_; 300 enable_ip_blacklist_ = enable_csd_whitelist_;
255 301
302 // TODO(gab): Gate this on the same experiment that will soon control the UwS
303 // URL UI.
304 enable_unwanted_software_blacklist_ = true;
305
256 enum SideEffectFreeWhitelistStatus { 306 enum SideEffectFreeWhitelistStatus {
257 SIDE_EFFECT_FREE_WHITELIST_ENABLED, 307 SIDE_EFFECT_FREE_WHITELIST_ENABLED,
258 SIDE_EFFECT_FREE_WHITELIST_DISABLED, 308 SIDE_EFFECT_FREE_WHITELIST_DISABLED,
259 SIDE_EFFECT_FREE_WHITELIST_STATUS_MAX 309 SIDE_EFFECT_FREE_WHITELIST_STATUS_MAX
260 }; 310 };
261 311
262 SideEffectFreeWhitelistStatus side_effect_free_whitelist_status = 312 SideEffectFreeWhitelistStatus side_effect_free_whitelist_status =
263 enable_side_effect_free_whitelist_ ? SIDE_EFFECT_FREE_WHITELIST_ENABLED : 313 enable_side_effect_free_whitelist_ ? SIDE_EFFECT_FREE_WHITELIST_ENABLED :
264 SIDE_EFFECT_FREE_WHITELIST_DISABLED; 314 SIDE_EFFECT_FREE_WHITELIST_DISABLED;
265 315
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after
402 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 452 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
403 if (!enabled_) 453 if (!enabled_)
404 return true; 454 return true;
405 455
406 if (!CanCheckUrl(url)) 456 if (!CanCheckUrl(url))
407 return true; 457 return true;
408 458
409 std::vector<SBThreatType> expected_threats; 459 std::vector<SBThreatType> expected_threats;
410 expected_threats.push_back(SB_THREAT_TYPE_URL_MALWARE); 460 expected_threats.push_back(SB_THREAT_TYPE_URL_MALWARE);
411 expected_threats.push_back(SB_THREAT_TYPE_URL_PHISHING); 461 expected_threats.push_back(SB_THREAT_TYPE_URL_PHISHING);
462 expected_threats.push_back(SB_THREAT_TYPE_URL_UNWANTED);
412 463
413 const base::TimeTicks start = base::TimeTicks::Now(); 464 const base::TimeTicks start = base::TimeTicks::Now();
414 if (!MakeDatabaseAvailable()) { 465 if (!MakeDatabaseAvailable()) {
415 QueuedCheck queued_check(safe_browsing_util::MALWARE, // or PHISH 466 QueuedCheck queued_check(safe_browsing_util::MALWARE, // or PHISH
416 client, 467 client,
417 url, 468 url,
418 expected_threats, 469 expected_threats,
419 start); 470 start);
420 queued_checks_.push_back(queued_check); 471 queued_checks_.push_back(queued_check);
421 return false; 472 return false;
422 } 473 }
423 474
424 std::vector<SBPrefix> prefix_hits; 475 // Cache hits should, in general, be the same for both (ignoring potential
476 // cache evictions in the second call for entries that were just about to be
477 // evicted in the first call).
478 // TODO(gab): Refactor SafeBrowsingDatabase to avoid depending on this here.
425 std::vector<SBFullHashResult> cache_hits; 479 std::vector<SBFullHashResult> cache_hits;
426 480
427 bool prefix_match = 481 std::vector<SBPrefix> browse_prefix_hits;
428 database_->ContainsBrowseUrl(url, &prefix_hits, &cache_hits); 482 bool browse_prefix_match = database_->ContainsBrowseUrl(
483 url, &browse_prefix_hits, &cache_hits);
484
485 std::vector<SBPrefix> unwanted_prefix_hits;
486 std::vector<SBFullHashResult> unused_cache_hits;
487 bool unwanted_prefix_match = database_->ContainsUnwantedSoftwareUrl(
488 url, &unwanted_prefix_hits, &unused_cache_hits);
489
490 // Merge the two pre-sorted prefix hits lists.
491 // TODO(gab): Refactor SafeBrowsingDatabase for it to return this merged list
492 // by default rather than building it here.
493 std::vector<SBPrefix> prefix_hits(browse_prefix_hits.size() +
494 unwanted_prefix_hits.size());
495 std::merge(browse_prefix_hits.begin(),
496 browse_prefix_hits.end(),
497 unwanted_prefix_hits.begin(),
498 unwanted_prefix_hits.end(),
499 prefix_hits.begin());
500 prefix_hits.erase(std::unique(prefix_hits.begin(), prefix_hits.end()),
501 prefix_hits.end());
429 502
430 UMA_HISTOGRAM_TIMES("SB2.FilterCheck", base::TimeTicks::Now() - start); 503 UMA_HISTOGRAM_TIMES("SB2.FilterCheck", base::TimeTicks::Now() - start);
431 504
432 if (!prefix_match) 505 if (!browse_prefix_match && !unwanted_prefix_match)
433 return true; // URL is okay. 506 return true; // URL is okay.
434 507
435 // Needs to be asynchronous, since we could be in the constructor of a 508 // Needs to be asynchronous, since we could be in the constructor of a
436 // ResourceDispatcherHost event handler which can't pause there. 509 // ResourceDispatcherHost event handler which can't pause there.
510 // This check will ping the Safe Browsing servers and get all lists which it
511 // matches. These lists will then be filtered against the |expected_threats|
512 // and the result callback for MALWARE (which is the same as for PHISH and
513 // UNWANTEDURL) will eventually be invoked with the final decision.
437 SafeBrowsingCheck* check = new SafeBrowsingCheck(std::vector<GURL>(1, url), 514 SafeBrowsingCheck* check = new SafeBrowsingCheck(std::vector<GURL>(1, url),
438 std::vector<SBFullHash>(), 515 std::vector<SBFullHash>(),
439 client, 516 client,
440 safe_browsing_util::MALWARE, 517 safe_browsing_util::MALWARE,
441 expected_threats); 518 expected_threats);
442 check->need_get_hash = cache_hits.empty(); 519 check->need_get_hash = cache_hits.empty();
443 check->prefix_hits.swap(prefix_hits); 520 check->prefix_hits.swap(prefix_hits);
444 check->cache_hits.swap(cache_hits); 521 check->cache_hits.swap(cache_hits);
445 checks_.insert(check); 522 checks_.insert(check);
446 523
(...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after
698 startup_metric_utils::ScopedSlowStartupUMA 775 startup_metric_utils::ScopedSlowStartupUMA
699 scoped_timer("Startup.SlowStartupSafeBrowsingGetDatabase"); 776 scoped_timer("Startup.SlowStartupSafeBrowsingGetDatabase");
700 const base::TimeTicks before = base::TimeTicks::Now(); 777 const base::TimeTicks before = base::TimeTicks::Now();
701 778
702 SafeBrowsingDatabase* database = 779 SafeBrowsingDatabase* database =
703 SafeBrowsingDatabase::Create(enable_download_protection_, 780 SafeBrowsingDatabase::Create(enable_download_protection_,
704 enable_csd_whitelist_, 781 enable_csd_whitelist_,
705 enable_download_whitelist_, 782 enable_download_whitelist_,
706 enable_extension_blacklist_, 783 enable_extension_blacklist_,
707 enable_side_effect_free_whitelist_, 784 enable_side_effect_free_whitelist_,
708 enable_ip_blacklist_); 785 enable_ip_blacklist_,
786 enable_unwanted_software_blacklist_);
709 787
710 database->Init(SafeBrowsingService::GetBaseFilename()); 788 database->Init(SafeBrowsingService::GetBaseFilename());
711 { 789 {
712 // Acquiring the lock here guarantees correct ordering between the writes to 790 // Acquiring the lock here guarantees correct ordering between the writes to
713 // the new database object above, and the setting of |databse_| below. 791 // the new database object above, and the setting of |databse_| below.
714 base::AutoLock lock(database_lock_); 792 base::AutoLock lock(database_lock_);
715 database_ = database; 793 database_ = database;
716 } 794 }
717 795
718 BrowserThread::PostTask( 796 BrowserThread::PostTask(
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
764 bool is_download = check->check_type == safe_browsing_util::BINURL; 842 bool is_download = check->check_type == safe_browsing_util::BINURL;
765 sb_service_->protocol_manager()->GetFullHash( 843 sb_service_->protocol_manager()->GetFullHash(
766 check->prefix_hits, 844 check->prefix_hits,
767 base::Bind(&SafeBrowsingDatabaseManager::HandleGetHashResults, 845 base::Bind(&SafeBrowsingDatabaseManager::HandleGetHashResults,
768 base::Unretained(this), 846 base::Unretained(this),
769 check), 847 check),
770 is_download); 848 is_download);
771 } else { 849 } else {
772 // We may have cached results for previous GetHash queries. Since 850 // We may have cached results for previous GetHash queries. Since
773 // this data comes from cache, don't histogram hits. 851 // this data comes from cache, don't histogram hits.
774 bool is_threat = HandleOneCheck(check, check->cache_hits); 852 HandleOneCheck(check, check->cache_hits);
775 // cache_hits should only contain hits for a fullhash we searched for, so if
776 // we got to this point it should always result in a threat match.
777 DCHECK(is_threat);
778 } 853 }
779 } 854 }
780 855
781 void SafeBrowsingDatabaseManager::GetAllChunksFromDatabase( 856 void SafeBrowsingDatabaseManager::GetAllChunksFromDatabase(
782 GetChunksCallback callback) { 857 GetChunksCallback callback) {
783 DCHECK_EQ(base::MessageLoop::current(), 858 DCHECK_EQ(base::MessageLoop::current(),
784 safe_browsing_thread_->message_loop()); 859 safe_browsing_thread_->message_loop());
785 860
786 bool database_error = true; 861 bool database_error = true;
787 std::vector<SBListChunkRanges> lists; 862 std::vector<SBListChunkRanges> lists;
(...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after
933 } 1008 }
934 1009
935 bool SafeBrowsingDatabaseManager::HandleOneCheck( 1010 bool SafeBrowsingDatabaseManager::HandleOneCheck(
936 SafeBrowsingCheck* check, 1011 SafeBrowsingCheck* check,
937 const std::vector<SBFullHashResult>& full_hashes) { 1012 const std::vector<SBFullHashResult>& full_hashes) {
938 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 1013 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
939 DCHECK(check); 1014 DCHECK(check);
940 1015
941 bool is_threat = false; 1016 bool is_threat = false;
942 1017
943 // TODO(shess): GetHashThreadListType() contains a loop, 1018 // TODO(shess): GetHashSeverestThreadListType() contains a loop,
944 // GetUrlThreatListType() a loop around that loop. Having another loop out 1019 // GetUrlSeverestThreatListType() a loop around that loop. Having another
945 // here concerns me. It is likely that SAFE is an expected outcome, which 1020 // loop out here concerns me. It is likely that SAFE is an expected outcome,
946 // means all of those loops run to completion. Refactoring this to generate a 1021 // which means all of those loops run to completion. Refactoring this to
947 // set of sorted items to compare in sequence would probably improve things. 1022 // generate a set of sorted items to compare in sequence would probably
1023 // improve things.
948 // 1024 //
949 // Additionally, the set of patterns generated from the urls is very similar 1025 // Additionally, the set of patterns generated from the urls is very similar
950 // to the patterns generated in ContainsBrowseUrl() and other database checks, 1026 // to the patterns generated in ContainsBrowseUrl() and other database checks,
951 // which are called from this code. Refactoring that across the checks could 1027 // which are called from this code. Refactoring that across the checks could
952 // interact well with batching the checks here. 1028 // interact well with batching the checks here.
953 1029
1030 // TODO(gab): Fix the fact that Get(Url|Hash)SeverestThreatType() may return a
1031 // threat for which IsExpectedThreat() returns false even if |full_hashes|
1032 // actually contains an expected threat.
1033
954 for (size_t i = 0; i < check->urls.size(); ++i) { 1034 for (size_t i = 0; i < check->urls.size(); ++i) {
955 size_t threat_index; 1035 size_t threat_index;
956 SBThreatType threat = 1036 SBThreatType threat =
957 GetUrlThreatType(check->urls[i], full_hashes, &threat_index); 1037 GetUrlSeverestThreatType(check->urls[i], full_hashes, &threat_index);
958 if (threat != SB_THREAT_TYPE_SAFE && 1038 if (threat != SB_THREAT_TYPE_SAFE &&
959 IsExpectedThreat(threat, check->expected_threats)) { 1039 IsExpectedThreat(threat, check->expected_threats)) {
960 check->url_results[i] = threat; 1040 check->url_results[i] = threat;
961 check->url_metadata[i] = full_hashes[threat_index].metadata; 1041 check->url_metadata[i] = full_hashes[threat_index].metadata;
962 is_threat = true; 1042 is_threat = true;
963 } 1043 }
964 } 1044 }
965 1045
966 for (size_t i = 0; i < check->full_hashes.size(); ++i) { 1046 for (size_t i = 0; i < check->full_hashes.size(); ++i) {
967 SBThreatType threat = GetHashThreatType(check->full_hashes[i], full_hashes); 1047 SBThreatType threat =
1048 GetHashSeverestThreatType(check->full_hashes[i], full_hashes);
968 if (threat != SB_THREAT_TYPE_SAFE && 1049 if (threat != SB_THREAT_TYPE_SAFE &&
969 IsExpectedThreat(threat, check->expected_threats)) { 1050 IsExpectedThreat(threat, check->expected_threats)) {
970 check->full_hash_results[i] = threat; 1051 check->full_hash_results[i] = threat;
971 is_threat = true; 1052 is_threat = true;
972 } 1053 }
973 } 1054 }
974 1055
975 SafeBrowsingCheckDone(check); 1056 SafeBrowsingCheckDone(check);
976 return is_threat; 1057 return is_threat;
977 } 1058 }
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
1074 new base::WeakPtrFactory<SafeBrowsingDatabaseManager>(this)); 1155 new base::WeakPtrFactory<SafeBrowsingDatabaseManager>(this));
1075 checks_.insert(check); 1156 checks_.insert(check);
1076 1157
1077 safe_browsing_thread_->message_loop()->PostTask(FROM_HERE, task); 1158 safe_browsing_thread_->message_loop()->PostTask(FROM_HERE, task);
1078 1159
1079 base::MessageLoop::current()->PostDelayedTask(FROM_HERE, 1160 base::MessageLoop::current()->PostDelayedTask(FROM_HERE,
1080 base::Bind(&SafeBrowsingDatabaseManager::TimeoutCallback, 1161 base::Bind(&SafeBrowsingDatabaseManager::TimeoutCallback,
1081 check->timeout_factory_->GetWeakPtr(), check), 1162 check->timeout_factory_->GetWeakPtr(), check),
1082 check_timeout_); 1163 check_timeout_);
1083 } 1164 }
OLDNEW
« no previous file with comments | « chrome/browser/safe_browsing/database_manager.h ('k') | chrome/browser/safe_browsing/database_manager_unittest.cc » ('j') | chrome/browser/safe_browsing/safe_browsing_database.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698