Prevent users adding too many extension requests.

Only 1000 requests are allowed which should be enough. For now, there
won't be any user warning if that happen. Once the limitation is
exceeded, some requests will be filter out. The filter is stable.

One request contains a 32 characters extension id and int64 timestamp.
1000 requests should take less than 50kb per Profile. The report size
limitation os 5mb.

Bug: 1065458
Change-Id: Id9e654dfd43783d22f0535ba5f27679e744f4ffe
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2124908
Commit-Queue: Owen Min <zmin@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Cr-Commit-Position: refs/heads/master@{#754903}

chrome/browser/enterprise/reporting/profile_report_generator.cc

@@ -31,6 +31,8 @@ namespace em = enterprise_management;
 namespace enterprise_reporting {
 namespace {
 
+const int kMaxNumberOfExtensionRequest = 1000;
+
 // Extension request are moved out of the pending list once user confirm the
 // notification. However, there is no need to upload these requests anymore as
 // long as admin made a decision.
@@ -135,11 +137,19 @@ void ProfileReportGenerator::GetExtensionRequest() {
   std::string webstore_update_url =
       extension_urls::GetDefaultWebstoreUpdateUrl().spec();
 
+  int number_of_requests = 0;
   for (const auto& it : *pending_requests) {
     if (!ShouldUploadExtensionRequest(it.first, webstore_update_url,
                                       extension_management)) {
       continue;
     }
+
+    // Use a hard limitation to prevent users adding too many requests. 1000
+    // requests should use less than 50 kb report space.
+    number_of_requests += 1;
+    if (number_of_requests > kMaxNumberOfExtensionRequest)
+      break;
+
     auto* request = report_->add_extension_requests();
     request->set_id(it.first);
     base::Optional<base::Time> timestamp = ::util::ValueToTime(

chrome/browser/enterprise/reporting/profile_report_generator_unittest.cc

@@ -6,6 +6,7 @@
 
 #include "base/json/json_reader.h"
 #include "base/strings/string16.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/util/values/values_util.h"
 #include "chrome/browser/profiles/profile_attributes_storage.h"
@@ -27,6 +28,8 @@ namespace em = enterprise_management;
 namespace enterprise_reporting {
 namespace {
 
+const int kMaxNumberOfExtensionRequest = 1000;
+
 constexpr char kProfile[] = "Profile";
 constexpr char kIdleProfile[] = "IdleProfile";
 constexpr char kExtensionId[] = "abcdefghijklmnopabcdefghijklmnop";
@@ -237,4 +240,27 @@ TEST_F(ProfileReportGeneratorTest, FilterOutBlockedPendingRequest) {
   EXPECT_EQ(kExtensionId2, report->extension_requests(0).id());
 }
 
+TEST_F(ProfileReportGeneratorTest, TooManyRequests) {
+  profile()->GetTestingPrefService()->SetManagedPref(
+      prefs::kCloudExtensionRequestEnabled,
+      std::make_unique<base::Value>(true));
+  const int extension_request_count = kMaxNumberOfExtensionRequest;
+  std::vector<std::string> ids(extension_request_count);
+  for (int extension_id = 0; extension_id < extension_request_count;
+       extension_id += 1) {
+    ids[extension_id] = base::NumberToString(extension_id);
+  }
+  SetExtensionToPendingList(ids);
+
+  auto report = GenerateReport();
+  // At most 1000 requests will be uploaded.
+  EXPECT_EQ(kMaxNumberOfExtensionRequest, report->extension_requests_size());
+
+  // And the filter is stable.
+  auto report2 = GenerateReport();
+  for (int id = 0; id < kMaxNumberOfExtensionRequest; id += 1)
+    EXPECT_EQ(report->extension_requests(id).id(),
+              report2->extension_requests(id).id());
+}
+
 }  // namespace enterprise_reporting