[gin] Fingerprint the V8 snapshot files on Windows and verify before loading the snapshot.

gin/isolate_holder.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "gin/public/isolate_holder.h"
 
 #include <stdlib.h>
 #include <string.h>
 
 #include "base/files/memory_mapped_file.h"
 #include "base/logging.h"
 #include "base/message_loop/message_loop.h"
 #include "base/rand_util.h"
 #include "base/sys_info.h"
+#include "crypto/sha2.h"
 #include "gin/array_buffer.h"
 #include "gin/debug_impl.h"
 #include "gin/function_template.h"
 #include "gin/per_isolate_data.h"
 #include "gin/public/v8_platform.h"
 #include "gin/run_microtasks_observer.h"
 
 #ifdef V8_USE_EXTERNAL_STARTUP_DATA
 #ifdef OS_MACOSX
 #include "base/mac/foundation_util.h"
@@ skipping 40 matching lines @@
       delete g_mapped_snapshot;
       g_mapped_snapshot = NULL;
       LOG(ERROR) << "Couldn't mmap v8 snapshot data file";
       return false;
     }
   }
 
   return true;
 }
 
+bool VerifyV8SnapshotFile(base::MemoryMappedFile* snapshot_file,

[jochen (gone - plz use gerrit), 2015/01/08 15:11:53]

#if defined(OS_WIN)

[rmcilroy, 2015/01/08 16:29:21]

Done.

+                          const unsigned char* fingerprint) {
+  unsigned char output[crypto::kSHA256Length];
+  crypto::SHA256HashString(
+      base::StringPiece(reinterpret_cast<const char*>(snapshot_file->data()),
+                        snapshot_file->length()),
+      output, sizeof(output));
+  return !memcmp(fingerprint, output, sizeof(output));
+}
+
 #if !defined(OS_MACOSX)
 const int v8_snapshot_dir =
 #if defined(OS_ANDROID)
     base::DIR_ANDROID_APP_DATA;
 #elif defined(OS_POSIX)
     base::DIR_EXE;
 #endif  // defined(OS_ANDROID)
 #endif  // !defined(OS_MACOSX)
 
 #endif  // V8_USE_EXTERNAL_STARTUP_DATA
 
 }  // namespace
 
 
 #ifdef V8_USE_EXTERNAL_STARTUP_DATA
+
+// Declared in gen/gin/v8_snapshot_fingerprint.cc
+extern const unsigned char g_natives_fingerprint[];
+extern const unsigned char g_snapshot_fingerprint[];
+
 // static
 bool IsolateHolder::LoadV8Snapshot() {
   if (g_mapped_natives && g_mapped_snapshot)
     return true;
 
 #if !defined(OS_MACOSX)
   base::FilePath data_path;
   PathService::Get(v8_snapshot_dir, &data_path);
   DCHECK(!data_path.empty());
 
@@ skipping 11 matching lines @@
   return MapV8Files(&natives_path, &snapshot_path);
 }
 
 //static
 bool IsolateHolder::LoadV8SnapshotFD(int natives_fd, int snapshot_fd) {
   if (g_mapped_natives && g_mapped_snapshot)
     return true;
 
   return MapV8Files(NULL, NULL, natives_fd, snapshot_fd);
 }
+
+// static
+bool IsolateHolder::LoadAndVerifyV8Snapshot() {

[jochen (gone - plz use gerrit), 2015/01/08 15:11:53]

#if OS_WIN

[rmcilroy, 2015/01/08 16:29:21]

Done (and also ifdeffed out LoadV8Snapshot on Windows as discussed offline)

+  if (!LoadV8Snapshot())
+    return false;
+  return VerifyV8SnapshotFile(g_mapped_natives, g_natives_fingerprint) &&
+         VerifyV8SnapshotFile(g_mapped_snapshot, g_snapshot_fingerprint);
+}
+
 #endif  // V8_USE_EXTERNAL_STARTUP_DATA
 
 //static
 void IsolateHolder::GetV8ExternalSnapshotData(const char** natives_data_out,
                                               int* natives_size_out,
                                               const char** snapshot_data_out,
                                               int* snapshot_size_out) {
   if (!g_mapped_natives || !g_mapped_snapshot) {
     *natives_data_out = *snapshot_data_out = NULL;
     *natives_size_out = *snapshot_size_out = 0;
@@ skipping 83 matching lines @@
   base::MessageLoop::current()->AddTaskObserver(task_observer_.get());
 }
 
 void IsolateHolder::RemoveRunMicrotasksObserver() {
   DCHECK(task_observer_.get());
   base::MessageLoop::current()->RemoveTaskObserver(task_observer_.get());
   task_observer_.reset();
 }
 
 }  // namespace gin