Combine verdict and status fields for malware deep scan responses

The server will be reporting failure as a separate verdict, rather than using the status field (right now the status field is always unset). The corresponding server-side change is cl/296334194 Change-Id: Iea78604e6d07871f7e5c798dab5b933969d21d25 Bug: 1045986 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2068038 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by: Xinghui Lu <xinghuilu@chromium.org> Cr-Commit-Position: refs/heads/master@{#743980}

Combine verdict and status fields for malware deep scan responses
The server will be reporting failure as a separate verdict, rather than using the status field (right now the status field is always unset). The corresponding server-side change is cl/296334194 Change-Id: Iea78604e6d07871f7e5c798dab5b933969d21d25 Bug: 1045986 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2068038 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by: Xinghui Lu <xinghuilu@chromium.org> Cr-Commit-Position: refs/heads/master@{#743980}
2c2ece48 · Daniel Rubery · Commit Bot · e6b28be5 · 2c2ece48 · 2c2ece48
Commit 2c2ece48 authored Feb 24, 2020 by Daniel Rubery Committed by Commit Bot Feb 24, 2020
8 changed files
--- a/chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.cc
+++ b/chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.cc
@@ -368,8 +368,8 @@ void BinaryUploadService::RecordRequestMetrics(

  if (response.has_malware_scan_verdict()) {
    base::UmaHistogramBoolean("SafeBrowsingBinaryUploadRequest.MalwareResult",
-                              response.malware_scan_verdict().status() ==
-                                  MalwareDeepScanningVerdict::SUCCESS);
+                              response.malware_scan_verdict().verdict() !=
+                                  MalwareDeepScanningVerdict::SCAN_FAILURE);
  }

  if (response.has_dlp_scan_verdict()) {

--- a/chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_dialog_delegate.cc
+++ b/chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_dialog_delegate.cc
@@ -514,12 +514,8 @@ void DeepScanningDialogDelegate::CompleteFileRequestCallback(
  bool dlp_ok = DlpTriggeredRulesOK(response.dlp_scan_verdict());
  bool malware_ok = true;
  if (response.has_malware_scan_verdict()) {
-    malware_ok = response.malware_scan_verdict().status() ==
-                     MalwareDeepScanningVerdict::SUCCESS &&
-                 response.malware_scan_verdict().verdict() !=
-                     MalwareDeepScanningVerdict::UWS &&
-                 response.malware_scan_verdict().verdict() !=
-                     MalwareDeepScanningVerdict::MALWARE;
+    malware_ok = response.malware_scan_verdict().verdict() ==
+                 MalwareDeepScanningVerdict::CLEAN;
  }

  bool file_complies = ResultShouldAllowDataUse(result) && dlp_ok && malware_ok;

--- a/chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_utils.cc
+++ b/chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_utils.cc
@@ -91,8 +91,8 @@ void MaybeReportDeepScanningVerdict(Profile* profile,
    return;

  if (response.has_malware_scan_verdict() &&
-      response.malware_scan_verdict().status() !=
-          MalwareDeepScanningVerdict::SUCCESS) {
+      response.malware_scan_verdict().verdict() ==
+          MalwareDeepScanningVerdict::SCAN_FAILURE) {
    extensions::SafeBrowsingPrivateEventRouterFactory::GetForProfile(profile)
        ->OnUnscannedFileEvent(url, file_name, download_digest_sha256,
                               mime_type, trigger, "malwareScanFailed",
@@ -296,8 +296,6 @@ DeepScanningClientResponse SimpleDeepScanningClientResponseForTesting(
  }

  if (malware_success.has_value()) {
-    response.mutable_malware_scan_verdict()->set_status(
-        MalwareDeepScanningVerdict::SUCCESS);
    if (malware_success.value()) {
      response.mutable_malware_scan_verdict()->set_verdict(
          MalwareDeepScanningVerdict::CLEAN);

--- a/chrome/browser/safe_browsing/cloud_content_scanning/fake_deep_scanning_dialog_delegate.cc
+++ b/chrome/browser/safe_browsing/cloud_content_scanning/fake_deep_scanning_dialog_delegate.cc
@@ -81,8 +81,6 @@ DeepScanningClientResponse FakeDeepScanningDialogDelegate::SuccessfulResponse(
        DlpDeepScanningVerdict::SUCCESS);
  }
  if (include_malware) {
-    response.mutable_malware_scan_verdict()->set_status(
-        MalwareDeepScanningVerdict::SUCCESS);
    response.mutable_malware_scan_verdict()->set_verdict(
        MalwareDeepScanningVerdict::CLEAN);
  }
@@ -94,8 +92,6 @@ DeepScanningClientResponse FakeDeepScanningDialogDelegate::SuccessfulResponse(
 DeepScanningClientResponse FakeDeepScanningDialogDelegate::MalwareResponse(
    MalwareDeepScanningVerdict::Verdict verdict) {
  DeepScanningClientResponse response;
-  response.mutable_malware_scan_verdict()->set_status(
-      MalwareDeepScanningVerdict::SUCCESS);
  response.mutable_malware_scan_verdict()->set_verdict(verdict);
  return response;
 }

--- a/chrome/browser/safe_browsing/download_protection/deep_scanning_request.cc
+++ b/chrome/browser/safe_browsing/download_protection/deep_scanning_request.cc
@@ -36,9 +36,7 @@ namespace {
 void DeepScanningClientResponseToDownloadCheckResult(
    const DeepScanningClientResponse& response,
    DownloadCheckResult* download_result) {
-  if (response.has_malware_scan_verdict() &&
-      response.malware_scan_verdict().status() ==
-          MalwareDeepScanningVerdict::SUCCESS) {
+  if (response.has_malware_scan_verdict()) {
    if (response.malware_scan_verdict().verdict() ==
        MalwareDeepScanningVerdict::MALWARE) {
      *download_result = DownloadCheckResult::DANGEROUS;

--- a/chrome/browser/safe_browsing/download_protection/deep_scanning_request_unittest.cc
+++ b/chrome/browser/safe_browsing/download_protection/deep_scanning_request_unittest.cc
@@ -343,8 +343,6 @@ TEST_F(DeepScanningRequestTest, ProcessesResponseCorrectly) {
        &download_protection_service_);

    DeepScanningClientResponse response;
-    response.mutable_malware_scan_verdict()->set_status(
-        MalwareDeepScanningVerdict::SUCCESS);
    response.mutable_malware_scan_verdict()->set_verdict(
        MalwareDeepScanningVerdict::MALWARE);
    response.mutable_dlp_scan_verdict()->set_status(
@@ -367,8 +365,6 @@ TEST_F(DeepScanningRequestTest, ProcessesResponseCorrectly) {
        &download_protection_service_);

    DeepScanningClientResponse response;
-    response.mutable_malware_scan_verdict()->set_status(
-        MalwareDeepScanningVerdict::SUCCESS);
    response.mutable_malware_scan_verdict()->set_verdict(
        MalwareDeepScanningVerdict::UWS);
    response.mutable_dlp_scan_verdict()->set_status(
@@ -471,8 +467,8 @@ TEST_F(DeepScanningRequestTest, ProcessesResponseCorrectly) {
        &download_protection_service_);

    DeepScanningClientResponse response;
-    response.mutable_malware_scan_verdict()->set_status(
-        MalwareDeepScanningVerdict::FAILURE);
+    response.mutable_malware_scan_verdict()->set_verdict(
+        MalwareDeepScanningVerdict::SCAN_FAILURE);
    download_protection_service_.GetFakeBinaryUploadService()->SetResponse(
        BinaryUploadService::Result::SUCCESS, response);


--- a/components/safe_browsing/content/web_ui/safe_browsing_ui.cc
+++ b/components/safe_browsing/content/web_ui/safe_browsing_ui.cc
@@ -1338,18 +1338,6 @@ std::string SerializeDeepScanningResponse(
  if (response.has_malware_scan_verdict()) {
    base::DictionaryValue malware_verdict;

-    switch (response.malware_scan_verdict().status()) {
-      case MalwareDeepScanningVerdict::STATUS_UNKNOWN:
-        malware_verdict.SetStringKey("status", "STATUS_UNKNOWN");
-        break;
-      case MalwareDeepScanningVerdict::SUCCESS:
-        malware_verdict.SetStringKey("status", "SUCCESS");
-        break;
-      case MalwareDeepScanningVerdict::FAILURE:
-        malware_verdict.SetStringKey("status", "FAILURE");
-        break;
-    }
-
    switch (response.malware_scan_verdict().verdict()) {
      case MalwareDeepScanningVerdict::VERDICT_UNSPECIFIED:
        malware_verdict.SetStringKey("verdict", "VERDICT_UNSPECIFIED");
@@ -1363,6 +1351,9 @@ std::string SerializeDeepScanningResponse(
      case MalwareDeepScanningVerdict::MALWARE:
        malware_verdict.SetStringKey("verdict", "MALWARE");
        break;
+      case MalwareDeepScanningVerdict::SCAN_FAILURE:
+        malware_verdict.SetStringKey("verdict", "SCAN_FAILURE");
+        break;
    }

    response_dict.SetKey("malware_scan_verdict", std::move(malware_verdict));

--- a/components/safe_browsing/core/proto/webprotect.proto
+++ b/components/safe_browsing/core/proto/webprotect.proto
@@ -62,19 +62,14 @@ message DeepScanningClientRequest {

 // Malware-specific response given back for scanned content.
 message MalwareDeepScanningVerdict {
-  // The status of the malware verdict.
-  enum Status {
-    STATUS_UNKNOWN = 0;
-    SUCCESS = 1;
-    FAILURE = 2;
-  }
-  optional Status status = 2;
+  reserved 2;

  enum Verdict {
    VERDICT_UNSPECIFIED = 0;
    CLEAN = 1;
    UWS = 2;
    MALWARE = 3;
+    SCAN_FAILURE = 4;
  }
  // Verdict given to scanned content.
  optional Verdict verdict = 1;