Add the goog-unwanted-shavar list to a new SafeBrowsing PrefixSet.

chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This test creates a safebrowsing service using test safebrowsing database
 // and a test protocol manager. It is used to test logics in safebrowsing
 // service.
 
 #include <algorithm>
 
@@ skipping 116 matching lines @@
   // otherwise it returns false.
   bool ContainsBrowseUrl(const GURL& url,
                          std::vector<SBPrefix>* prefix_hits,
                          std::vector<SBFullHashResult>* cache_hits) override {
     cache_hits->clear();
     return ContainsUrl(safe_browsing_util::MALWARE,
                        safe_browsing_util::PHISH,
                        std::vector<GURL>(1, url),
                        prefix_hits);
   }
+  bool ContainsUnwantedSoftwareUrl(
+      const GURL& url,
+      std::vector<SBPrefix>* prefix_hits,
+      std::vector<SBFullHashResult>* cache_hits) override {
+    cache_hits->clear();
+    return ContainsUrl(safe_browsing_util::UNWANTEDURL,
+                       safe_browsing_util::UNWANTEDURL,
+                       std::vector<GURL>(1, url),
+                       prefix_hits);
+  }
   bool ContainsDownloadUrl(const std::vector<GURL>& urls,
                            std::vector<SBPrefix>* prefix_hits) override {
     bool found = ContainsUrl(safe_browsing_util::BINURL,
                              safe_browsing_util::BINURL,
                              urls,
                              prefix_hits);
     if (!found)
       return false;
     DCHECK_LE(1U, prefix_hits->size());
     return true;
@@ skipping 32 matching lines @@
                         const base::TimeDelta& cache_lifetime) override {
     // Do nothing for the cache.
   }
   bool IsMalwareIPMatchKillSwitchOn() override { return false; }
   bool IsCsdWhitelistKillSwitchOn() override { return false; }
 
   // Fill up the database with test URL.
   void AddUrl(const GURL& url,
               int list_id,
               const std::vector<SBPrefix>& prefix_hits) {
-    badurls_[url.spec()].list_id = list_id;
-    badurls_[url.spec()].prefix_hits = prefix_hits;
+    Hits* hits_for_url = &badurls_[url.spec()];
+    hits_for_url->list_ids.push_back(list_id);
+    hits_for_url->prefix_hits.insert(hits_for_url->prefix_hits.end(),
+                                     prefix_hits.begin(),
+                                     prefix_hits.end());
   }
 
   // Fill up the database with test hash digest.
   void AddDownloadPrefix(SBPrefix prefix) {
     download_digest_prefix_.insert(prefix);
   }
 
  private:
+  // Stores |list_ids| of safe browsing lists that match some |prefix_hits|.
   struct Hits {
-    int list_id;
+    std::vector<int> list_ids;
     std::vector<SBPrefix> prefix_hits;
   };
 
   bool ContainsUrl(int list_id0,
                    int list_id1,
                    const std::vector<GURL>& urls,
                    std::vector<SBPrefix>* prefix_hits) {
     bool hit = false;
     for (size_t i = 0; i < urls.size(); ++i) {
       const GURL& url = urls[i];
       base::hash_map<std::string, Hits>::const_iterator
           badurls_it = badurls_.find(url.spec());
 
       if (badurls_it == badurls_.end())
         continue;
 
-      if (badurls_it->second.list_id == list_id0 ||
-          badurls_it->second.list_id == list_id1) {
+      std::vector<int> list_ids_for_url = badurls_it->second.list_ids;
+      if (std::find(list_ids_for_url.begin(), list_ids_for_url.end(), list_id0)
+              != list_ids_for_url.end() ||
+          std::find(list_ids_for_url.begin(), list_ids_for_url.end(), list_id1)
+              != list_ids_for_url.end()) {
         prefix_hits->insert(prefix_hits->end(),
                             badurls_it->second.prefix_hits.begin(),
                             badurls_it->second.prefix_hits.end());
         hit = true;
       }
     }
     return hit;
   }
 
   base::hash_map<std::string, Hits> badurls_;
   base::hash_set<SBPrefix> download_digest_prefix_;
 };
 
 // Factory that creates TestSafeBrowsingDatabase instances.
 class TestSafeBrowsingDatabaseFactory : public SafeBrowsingDatabaseFactory {
  public:
   TestSafeBrowsingDatabaseFactory() : db_(NULL) {}
   ~TestSafeBrowsingDatabaseFactory() override {}
 
   SafeBrowsingDatabase* CreateSafeBrowsingDatabase(
       bool enable_download_protection,
       bool enable_client_side_whitelist,
       bool enable_download_whitelist,
       bool enable_extension_blacklist,
       bool enable_side_effect_free_whitelist,
-      bool enable_ip_blacklist) override {
+      bool enable_ip_blacklist,
+      bool enabled_unwanted_software_list) override {
     db_ = new TestSafeBrowsingDatabase();
     return db_;
   }
   TestSafeBrowsingDatabase* GetDb() {
     return db_;
   }
  private:
   // Owned by the SafebrowsingService.
   TestSafeBrowsingDatabase* db_;
 };
@@ skipping 19 matching lines @@
   void GetFullHash(const std::vector<SBPrefix>& prefixes,
                    SafeBrowsingProtocolManager::FullHashCallback callback,
                    bool is_download) override {
     BrowserThread::PostDelayedTask(
         BrowserThread::IO, FROM_HERE,
         base::Bind(InvokeFullHashCallback, callback, full_hashes_),
         delay_);
   }
 
   // Prepare the GetFullHash results for the next request.
-  void SetGetFullHashResponse(const SBFullHashResult& full_hash_result) {
-    full_hashes_.clear();
+  void AddGetFullHashResponse(const SBFullHashResult& full_hash_result) {
     full_hashes_.push_back(full_hash_result);
   }
 
   void IntroduceDelay(const base::TimeDelta& delay) {
     delay_ = delay;
   }
 
   static int create_count() {
     return create_count_;
   }
@@ skipping 100 matching lines @@
     command_line->AppendSwitch(
         chromeos::switches::kIgnoreUserProfileMappingForTests);
 #endif
   }
 
   virtual void SetUpInProcessBrowserTestFixture() {
     ASSERT_TRUE(test_server()->Start());
   }
 
   // This will setup the "url" prefix in database and prepare protocol manager
-  // to response with |full_hash| for get full hash request.
+  // to respond with |full_hash|, as well as other |full_hash|es previously set
+  // via this call, on GetFullHash requests.
   void SetupResponseForUrl(const GURL& url, const SBFullHashResult& full_hash) {
     std::vector<SBPrefix> prefix_hits;
     prefix_hits.push_back(full_hash.hash.prefix);
 
     // Make sure the full hits is empty unless we need to test the
     // full hash is hit in database's local cache.
     TestSafeBrowsingDatabase* db = db_factory_.GetDb();
     db->AddUrl(url, full_hash.list_id, prefix_hits);
 
     TestProtocolManager* pm = pm_factory_.GetProtocolManager();
-    pm->SetGetFullHashResponse(full_hash);
+    pm->AddGetFullHashResponse(full_hash);
   }
 
   bool ShowingInterstitialPage() {
     WebContents* contents =
         browser()->tab_strip_model()->GetActiveWebContents();
     InterstitialPage* interstitial_page = contents->GetInterstitialPage();
     return interstitial_page != NULL;
   }
 
   void IntroduceGetHashDelay(const base::TimeDelta& delay) {
@@ skipping 289 matching lines @@
   }
 
   void CheckDownloadUrl(const std::vector<GURL>& url_chain) {
     BrowserThread::PostTask(
         BrowserThread::IO, FROM_HERE,
         base::Bind(&TestSBClient::CheckDownloadUrlOnIOThread,
                    this, url_chain));
     content::RunMessageLoop();  // Will stop in OnCheckDownloadUrlResult.
   }
 
+  void CheckBrowseUrl(const GURL& url) {
+    BrowserThread::PostTask(
+        BrowserThread::IO, FROM_HERE,
+        base::Bind(&TestSBClient::CheckBrowseUrlOnIOThread, this, url));
+    content::RunMessageLoop();  // Will stop in OnCheckBrowseUrlResult.
+  }
+
  private:
   friend class base::RefCountedThreadSafe<TestSBClient>;
   ~TestSBClient() override {}
 
   void CheckDownloadUrlOnIOThread(const std::vector<GURL>& url_chain) {
-    safe_browsing_service_->database_manager()->
-        CheckDownloadUrl(url_chain, this);
+    bool synchronous_safe_signal =
+        safe_browsing_service_->database_manager()->CheckDownloadUrl(url_chain,
+                                                                     this);
+    if (synchronous_safe_signal) {
+      threat_type_ = SB_THREAT_TYPE_SAFE;
+      BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
+                              base::Bind(&TestSBClient::CheckDone, this));
+    }
+  }
+
+  void CheckBrowseUrlOnIOThread(const GURL& url) {
+    // The async CheckDone() hook will not be called when we have a synchronous
+    // safe signal, handle it right away.
+    bool synchronous_safe_signal =
+        safe_browsing_service_->database_manager()->CheckBrowseUrl(url, this);
+    if (synchronous_safe_signal) {
+      threat_type_ = SB_THREAT_TYPE_SAFE;
+      BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
+                              base::Bind(&TestSBClient::CheckDone, this));
+    }
   }
 
   // Called when the result of checking a download URL is known.
-  void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain,
+  void OnCheckDownloadUrlResult(const std::vector<GURL>& /* url_chain */,
                                 SBThreatType threat_type) override {
     threat_type_ = threat_type;
     BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
-                            base::Bind(&TestSBClient::DownloadCheckDone, this));
+                            base::Bind(&TestSBClient::CheckDone, this));
   }
 
-  void DownloadCheckDone() {
+  // Called when the result of checking a browse URL is known.
+  void OnCheckBrowseUrlResult(const GURL& /* url */,
+                              SBThreatType threat_type,
+                              const std::string& /* metadata */) override {
+    threat_type_ = threat_type;
+    BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
+                            base::Bind(&TestSBClient::CheckDone, this));
+  }
+
+  void CheckDone() {
     base::MessageLoopForUI::current()->Quit();
   }
 
   SBThreatType threat_type_;
   SafeBrowsingService* safe_browsing_service_;
 
   DISALLOW_COPY_AND_ASSIGN(TestSBClient);
 };
 
 // These tests use SafeBrowsingService::Client to directly interact with
@@ skipping 14 matching lines @@
   GenUrlFullhashResult(badbin_url, safe_browsing_util::BINURL,
                        &full_hash_result);
   SetupResponseForUrl(badbin_url, full_hash_result);
 
   client->CheckDownloadUrl(badbin_urls);
 
   // Now, the badbin_url is not safe since it is added to download database.
   EXPECT_EQ(SB_THREAT_TYPE_BINARY_MALWARE_URL, client->GetThreatType());
 }
 
+IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckUnwantedSoftwareUrl) {
+  const GURL bad_url = test_server()->GetURL(kMalwareFile);
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+
+    // Since bad_url is not in database, it is considered to be
+    // safe.
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_SAFE, client->GetThreatType());
+
+    SBFullHashResult full_hash_result;
+    GenUrlFullhashResult(
+        bad_url, safe_browsing_util::UNWANTEDURL, &full_hash_result);
+    SetupResponseForUrl(bad_url, full_hash_result);
+
+    // Now, the bad_url is not safe since it is added to download
+    // database.
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_UNWANTED, client->GetThreatType());
+  }
+
+  // The unwantedness should survive across multiple clients.
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_UNWANTED, client->GetThreatType());
+  }
+
+  // An unwanted URL also marked as malware should be flagged as malware.
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+
+    SBFullHashResult full_hash_result;
+    GenUrlFullhashResult(
+        bad_url, safe_browsing_util::MALWARE, &full_hash_result);
+    SetupResponseForUrl(bad_url, full_hash_result);
+
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType());
+  }
+}
+
+IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckBrowseUrl) {
+  const GURL bad_url = test_server()->GetURL(kMalwareFile);
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+
+    // Since bad_url is not in database, it is considered to be
+    // safe.
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_SAFE, client->GetThreatType());
+
+    SBFullHashResult full_hash_result;
+    GenUrlFullhashResult(
+        bad_url, safe_browsing_util::MALWARE, &full_hash_result);
+    SetupResponseForUrl(bad_url, full_hash_result);
+
+    // Now, the bad_url is not safe since it is added to download
+    // database.
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType());
+  }
+
+  // The unwantedness should survive across multiple clients.
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType());
+  }
+
+  // Adding the unwanted state to an existing malware URL should have no impact
+  // (i.e. a malware hit should still prevail).
+  {
+    scoped_refptr<TestSBClient> client(new TestSBClient);
+
+    SBFullHashResult full_hash_result;
+    GenUrlFullhashResult(
+        bad_url, safe_browsing_util::UNWANTEDURL, &full_hash_result);
+    SetupResponseForUrl(bad_url, full_hash_result);
+
+    client->CheckBrowseUrl(bad_url);
+    EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType());
+  }
+}
+
 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadUrlRedirects) {
   GURL original_url = test_server()->GetURL(kEmptyPage);
   GURL badbin_url = test_server()->GetURL(kMalwareFile);
   GURL final_url = test_server()->GetURL(kEmptyPage);
   std::vector<GURL> badbin_urls;
   badbin_urls.push_back(original_url);
   badbin_urls.push_back(badbin_url);
   badbin_urls.push_back(final_url);
 
   scoped_refptr<TestSBClient> client(new TestSBClient);
@@ skipping 300 matching lines @@
   content::WindowedNotificationObserver observer(
       chrome::NOTIFICATION_SAFE_BROWSING_UPDATE_COMPLETE,
       content::Source<SafeBrowsingDatabaseManager>(
           sb_service_->database_manager().get()));
   BrowserThread::PostTask(
       BrowserThread::IO,
       FROM_HERE,
       base::Bind(&SafeBrowsingDatabaseManagerCookieTest::ForceUpdate, this));
   observer.Wait();
 }