Add timeout to DMG analysis

To limit regression in the total analysis time from Safe Browsing, cutoff DMG analysis at 10 seconds. Future CLs will institute similar timeouts for ZIP and RAR archives. Bug: 948277 Change-Id: Iff7dabfdecc1791d5a83e36dc34a8c57ed99fd9e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1594166Reviewed-by: Nathan Parker <nparker@chromium.org> Commit-Queue: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#657415}

Add timeout to DMG analysis
To limit regression in the total analysis time from Safe Browsing, cutoff DMG analysis at 10 seconds. Future CLs will institute similar timeouts for ZIP and RAR archives. Bug: 948277 Change-Id: Iff7dabfdecc1791d5a83e36dc34a8c57ed99fd9e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1594166Reviewed-by: Nathan Parker <nparker@chromium.org> Commit-Queue: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#657415}
4a47c3bd · Daniel Rubery · Commit Bot · 535a92be · 4a47c3bd
Commit 4a47c3bd authored May 07, 2019 by Daniel Rubery Committed by Commit Bot May 07, 2019
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 1 deletion

chrome/utility/safe_browsing/mac/dmg_analyzer.cc chrome/utility/safe_browsing/mac/dmg_analyzer.cc +13 -1

No files found.
--- a/chrome/utility/safe_browsing/mac/dmg_analyzer.cc
+++ b/chrome/utility/safe_browsing/mac/dmg_analyzer.cc
@@ -14,6 +14,7 @@
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
+#include "base/time/time.h"
 #include "chrome/common/safe_browsing/archive_analyzer_results.h"
 #include "chrome/common/safe_browsing/binary_feature_extractor.h"
 #include "chrome/common/safe_browsing/mach_o_image_reader_mac.h"
@@ -28,6 +29,9 @@ namespace dmg {

 namespace {

+// The maximum duration of DMG analysis, in milliseconds.
+const double kDmgAnalysisTimeoutMs = 10000;
+
 // MachOFeatureExtractor examines files to determine if they are Mach-O, and,
 // if so, it uses the BinaryFeatureExtractor to obtain information about the
 // image. In addition, this class will compute the SHA256 hash of the file.
@@ -133,6 +137,7 @@ void AnalyzeDMGFile(base::File dmg_file, ArchiveAnalyzerResults* results) {
 }

 void AnalyzeDMGFile(DMGIterator* iterator, ArchiveAnalyzerResults* results) {
+  base::Time start_time = base::Time::Now();
  results->success = false;

  if (!iterator->Open())
@@ -142,10 +147,16 @@ void AnalyzeDMGFile(DMGIterator* iterator, ArchiveAnalyzerResults* results) {

  results->signature_blob = iterator->GetCodeSignature();

+  bool timeout = false;
  while (iterator->Next()) {
    std::unique_ptr<ReadStream> stream = iterator->GetReadStream();
    if (!stream)
      continue;
+    if (base::Time::Now() - start_time >=
+        base::TimeDelta::FromMilliseconds(kDmgAnalysisTimeoutMs)) {
+      timeout = true;
+      break;
+    }

    std::string path = base::UTF16ToUTF8(iterator->GetPath());

@@ -187,6 +198,7 @@ void AnalyzeDMGFile(DMGIterator* iterator, ArchiveAnalyzerResults* results) {
    }
  }

+  if (!timeout)
    results->success = true;
 }