| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base_paths.h" | 10 #include "base/base_paths.h" |
| (...skipping 288 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 299 return NULL; | 299 return NULL; |
| 300 } | 300 } |
| 301 net::CertificateList certs = | 301 net::CertificateList certs = |
| 302 net::X509Certificate::CreateCertificateListFromBytes( | 302 net::X509Certificate::CreateCertificateListFromBytes( |
| 303 cert_data.data(), | 303 cert_data.data(), |
| 304 cert_data.size(), | 304 cert_data.size(), |
| 305 net::X509Certificate::FORMAT_PEM_CERT_SEQUENCE); | 305 net::X509Certificate::FORMAT_PEM_CERT_SEQUENCE); |
| 306 return certs.empty() ? NULL : certs[0]; | 306 return certs.empty() ? NULL : certs[0]; |
| 307 } | 307 } |
| 308 | 308 |
| 309 const ClientDownloadRequest* GetClientDownloadRequest() const { |
| 310 return last_client_download_request_.get(); |
| 311 } |
| 312 |
| 309 bool HasClientDownloadRequest() const { | 313 bool HasClientDownloadRequest() const { |
| 310 return last_client_download_request_.get() != NULL; | 314 return last_client_download_request_.get() != NULL; |
| 311 } | 315 } |
| 312 | 316 |
| 313 void ClearClientDownloadRequest() { last_client_download_request_.reset(); } | 317 void ClearClientDownloadRequest() { last_client_download_request_.reset(); } |
| 314 | 318 |
| 315 private: | 319 private: |
| 316 // Helper functions for FlushThreadMessageLoops. | 320 // Helper functions for FlushThreadMessageLoops. |
| 317 void RunAllPendingAndQuitUI() { | 321 void RunAllPendingAndQuitUI() { |
| 318 base::MessageLoop::current()->RunUntilIdle(); | 322 base::MessageLoop::current()->RunUntilIdle(); |
| (...skipping 602 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 921 | 925 |
| 922 #if defined(OS_WIN) || defined(OS_MACOSX) | 926 #if defined(OS_WIN) || defined(OS_MACOSX) |
| 923 // OSX sends pings for evaluation purposes. | 927 // OSX sends pings for evaluation purposes. |
| 924 EXPECT_TRUE(HasClientDownloadRequest()); | 928 EXPECT_TRUE(HasClientDownloadRequest()); |
| 925 ClearClientDownloadRequest(); | 929 ClearClientDownloadRequest(); |
| 926 #else | 930 #else |
| 927 EXPECT_FALSE(HasClientDownloadRequest()); | 931 EXPECT_FALSE(HasClientDownloadRequest()); |
| 928 #endif | 932 #endif |
| 929 } | 933 } |
| 930 | 934 |
| 935 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadData) { |
| 936 ClientDownloadResponse response; |
| 937 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 938 net::FakeURLFetcherFactory factory(NULL); |
| 939 factory.SetFakeResponse(DownloadProtectionService::GetDownloadRequestUrl(), |
| 940 response.SerializeAsString(), net::HTTP_OK, |
| 941 net::URLRequestStatus::SUCCESS); |
| 942 |
| 943 base::FilePath a_tmp(FILE_PATH_LITERAL("a.tmp")); |
| 944 base::FilePath a_exe(FILE_PATH_LITERAL("a.exe")); |
| 945 std::vector<GURL> url_chain; |
| 946 url_chain.push_back( |
| 947 GURL("data:text/html:base64,")); |
| 948 url_chain.push_back( |
| 949 GURL("data:text/html:base64,blahblahblah")); |
| 950 url_chain.push_back( |
| 951 GURL("data:application/octet-stream:base64,blahblah")); |
| 952 GURL referrer("data:text/html:base64,foobar"); |
| 953 std::string hash = "hash"; |
| 954 |
| 955 content::MockDownloadItem item; |
| 956 EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp)); |
| 957 EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_exe)); |
| 958 EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain)); |
| 959 EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer)); |
| 960 EXPECT_CALL(item, GetTabUrl()).WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 961 EXPECT_CALL(item, GetTabReferrerUrl()) |
| 962 .WillRepeatedly(ReturnRef(GURL::EmptyGURL())); |
| 963 EXPECT_CALL(item, GetHash()).WillRepeatedly(ReturnRef(hash)); |
| 964 EXPECT_CALL(item, GetReceivedBytes()).WillRepeatedly(Return(100)); |
| 965 EXPECT_CALL(item, HasUserGesture()).WillRepeatedly(Return(true)); |
| 966 EXPECT_CALL(item, GetRemoteAddress()).WillRepeatedly(Return("")); |
| 967 |
| 968 EXPECT_CALL(*sb_service_->mock_database_manager(), |
| 969 MatchDownloadWhitelistUrl(_)).WillRepeatedly(Return(false)); |
| 970 EXPECT_CALL(*binary_feature_extractor_.get(), CheckSignature(a_tmp, _)) |
| 971 .Times(1); |
| 972 EXPECT_CALL(*binary_feature_extractor_.get(), ExtractImageHeaders(a_tmp, _)) |
| 973 .Times(1); |
| 974 |
| 975 download_service_->CheckClientDownload( |
| 976 &item, |
| 977 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 978 base::Unretained(this))); |
| 979 MessageLoop::current()->Run(); |
| 980 #if defined(OS_WIN) |
| 981 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 982 #else |
| 983 EXPECT_TRUE(IsResult(DownloadProtectionService::UNKNOWN)); |
| 984 #endif |
| 985 |
| 986 #if defined(OS_WIN) || defined(OS_MACOSX) |
| 987 // OSX sends pings for evaluation purposes. |
| 988 ASSERT_TRUE(HasClientDownloadRequest()); |
| 989 const ClientDownloadRequest& request = *GetClientDownloadRequest(); |
| 990 const char kExpectedUrl[] = |
| 991 "data:application/octet-stream:base64," |
| 992 "ACBF6DFC6F907662F566CA0241DFE8690C48661F440BA1BBD0B86C582845CCC8"; |
| 993 const char kExpectedRedirect1[] = "data:text/html:base64,"; |
| 994 const char kExpectedRedirect2[] = |
| 995 "data:text/html:base64," |
| 996 "620680767E15717A57DB11D94D1BEBD32B3344EBC5994DF4FB07B0D473F4EF6B"; |
| 997 const char kExpectedReferrer[] = |
| 998 "data:text/html:base64," |
| 999 "06E2C655B9F7130B508FFF86FD19B57E6BF1A1CFEFD6EFE1C3EB09FE24EF456A"; |
| 1000 EXPECT_EQ(hash, request.digests().sha256()); |
| 1001 EXPECT_EQ(kExpectedUrl, request.url()); |
| 1002 EXPECT_EQ(3, request.resources_size()); |
| 1003 EXPECT_TRUE(RequestContainsResource(request, |
| 1004 ClientDownloadRequest::DOWNLOAD_REDIRECT, |
| 1005 kExpectedRedirect1, "")); |
| 1006 EXPECT_TRUE(RequestContainsResource(request, |
| 1007 ClientDownloadRequest::DOWNLOAD_REDIRECT, |
| 1008 kExpectedRedirect2, "")); |
| 1009 EXPECT_TRUE(RequestContainsResource(request, |
| 1010 ClientDownloadRequest::DOWNLOAD_URL, |
| 1011 kExpectedUrl, kExpectedReferrer)); |
| 1012 ClearClientDownloadRequest(); |
| 1013 #else |
| 1014 EXPECT_FALSE(HasClientDownloadRequest()); |
| 1015 #endif |
| 1016 } |
| 1017 |
| 931 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { | 1018 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { |
| 932 ClientDownloadResponse response; | 1019 ClientDownloadResponse response; |
| 933 response.set_verdict(ClientDownloadResponse::SAFE); | 1020 response.set_verdict(ClientDownloadResponse::SAFE); |
| 934 net::FakeURLFetcherFactory factory(NULL); | 1021 net::FakeURLFetcherFactory factory(NULL); |
| 935 // Empty response means SAFE. | 1022 // Empty response means SAFE. |
| 936 factory.SetFakeResponse( | 1023 factory.SetFakeResponse( |
| 937 DownloadProtectionService::GetDownloadRequestUrl(), | 1024 DownloadProtectionService::GetDownloadRequestUrl(), |
| 938 response.SerializeAsString(), | 1025 response.SerializeAsString(), |
| 939 net::HTTP_OK, net::URLRequestStatus::SUCCESS); | 1026 net::HTTP_OK, net::URLRequestStatus::SUCCESS); |
| 940 | 1027 |
| (...skipping 879 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1820 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); | 1907 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); |
| 1821 | 1908 |
| 1822 cert = ReadTestCertificate("test_c.pem"); | 1909 cert = ReadTestCertificate("test_c.pem"); |
| 1823 ASSERT_TRUE(cert.get()); | 1910 ASSERT_TRUE(cert.get()); |
| 1824 whitelist_strings.clear(); | 1911 whitelist_strings.clear(); |
| 1825 GetCertificateWhitelistStrings( | 1912 GetCertificateWhitelistStrings( |
| 1826 *cert.get(), *issuer_cert.get(), &whitelist_strings); | 1913 *cert.get(), *issuer_cert.get(), &whitelist_strings); |
| 1827 EXPECT_THAT(whitelist_strings, ElementsAre()); | 1914 EXPECT_THAT(whitelist_strings, ElementsAre()); |
| 1828 } | 1915 } |
| 1829 } // namespace safe_browsing | 1916 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 792283002:
Safebrowsing download protection: handle data URIs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master