Commit 6e0d513c authored by Dominique Fauteux-Chapleau's avatar Dominique Fauteux-Chapleau Committed by Commit Bot

Add field for evidence locker filepath

This adds evidence_locker_filepath in ContentAnalysisResponse::Result
and a corresponding reporting field.

This should be removed once a better propagation for this info is
agreed upon.

Bug: 1147036
Change-Id: I496d13a80fd7f06a83f534afa0b6d673184a6bfd
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2526929
Commit-Queue: Dominique Fauteux-Chapleau <domfc@chromium.org>
Reviewed-by: default avatarDaniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/master@{#825447}
parent 56b7145e
...@@ -136,6 +136,8 @@ const char SafeBrowsingPrivateEventRouter::kKeyMalwareFamily[] = ...@@ -136,6 +136,8 @@ const char SafeBrowsingPrivateEventRouter::kKeyMalwareFamily[] =
"malwareFamily"; "malwareFamily";
const char SafeBrowsingPrivateEventRouter::kKeyMalwareCategory[] = const char SafeBrowsingPrivateEventRouter::kKeyMalwareCategory[] =
"malwareCategory"; "malwareCategory";
const char SafeBrowsingPrivateEventRouter::kKeyEvidenceLockerFilePath[] =
"evidenceLockerFilepath";
const char SafeBrowsingPrivateEventRouter::kKeyPasswordReuseEvent[] = const char SafeBrowsingPrivateEventRouter::kKeyPasswordReuseEvent[] =
"passwordReuseEvent"; "passwordReuseEvent";
...@@ -427,7 +429,7 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorResult( ...@@ -427,7 +429,7 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorResult(
url, file_name, download_digest_sha256, url, file_name, download_digest_sha256,
MalwareRuleToThreatType(result.triggered_rules(0).rule_name()), MalwareRuleToThreatType(result.triggered_rules(0).rule_name()),
mime_type, trigger, content_size, event_result, result.malware_family(), mime_type, trigger, content_size, event_result, result.malware_family(),
result.malware_category()); result.malware_category(), result.evidence_locker_filepath());
} else if (result.tag() == "dlp") { } else if (result.tag() == "dlp") {
OnSensitiveDataEvent(url, file_name, download_digest_sha256, mime_type, OnSensitiveDataEvent(url, file_name, download_digest_sha256, mime_type,
trigger, result, content_size, event_result); trigger, result, content_size, event_result);
...@@ -444,7 +446,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult( ...@@ -444,7 +446,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
const int64_t content_size, const int64_t content_size,
safe_browsing::EventResult event_result, safe_browsing::EventResult event_result,
const std::string& malware_family, const std::string& malware_family,
const std::string& malware_category) { const std::string& malware_category,
const std::string& evidence_locker_filepath) {
if (!IsRealtimeReportingEnabled()) if (!IsRealtimeReportingEnabled())
return; return;
...@@ -458,7 +461,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult( ...@@ -458,7 +461,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
const std::string& trigger, const int64_t content_size, const std::string& trigger, const int64_t content_size,
safe_browsing::EventResult event_result, safe_browsing::EventResult event_result,
const std::string& malware_family, const std::string& malware_family,
const std::string& malware_category) { const std::string& malware_category,
const std::string& evidence_locker_filepath) {
// Create a real-time event dictionary from the arguments and // Create a real-time event dictionary from the arguments and
// report it. // report it.
base::Value event(base::Value::Type::DICTIONARY); base::Value event(base::Value::Type::DICTIONARY);
...@@ -484,11 +488,15 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult( ...@@ -484,11 +488,15 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
event.SetStringKey(kKeyMalwareFamily, malware_family); event.SetStringKey(kKeyMalwareFamily, malware_family);
if (!malware_category.empty()) if (!malware_category.empty())
event.SetStringKey(kKeyMalwareCategory, malware_category); event.SetStringKey(kKeyMalwareCategory, malware_category);
if (!evidence_locker_filepath.empty()) {
event.SetStringKey(kKeyEvidenceLockerFilePath,
evidence_locker_filepath);
}
return event; return event;
}, },
url.spec(), file_name, download_digest_sha256, GetProfileUserName(), url.spec(), file_name, download_digest_sha256, GetProfileUserName(),
threat_type, mime_type, trigger, content_size, event_result, threat_type, mime_type, trigger, content_size, event_result,
malware_family, malware_category)); malware_family, malware_category, evidence_locker_filepath));
} }
void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent( void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent(
...@@ -533,6 +541,10 @@ void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent( ...@@ -533,6 +541,10 @@ void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent(
event.SetBoolKey( event.SetBoolKey(
kKeyClickedThrough, kKeyClickedThrough,
event_result == safe_browsing::EventResult::BYPASSED); event_result == safe_browsing::EventResult::BYPASSED);
if (!result.evidence_locker_filepath().empty()) {
event.SetStringKey(kKeyEvidenceLockerFilePath,
result.evidence_locker_filepath());
}
AddAnalysisConnectorVerdictToEvent(result, &event); AddAnalysisConnectorVerdictToEvent(result, &event);
...@@ -584,6 +596,10 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorWarningBypassed( ...@@ -584,6 +596,10 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorWarningBypassed(
safe_browsing::EventResultToString( safe_browsing::EventResultToString(
safe_browsing::EventResult::BYPASSED)); safe_browsing::EventResult::BYPASSED));
event.SetBoolKey(kKeyClickedThrough, true); event.SetBoolKey(kKeyClickedThrough, true);
if (!result.evidence_locker_filepath().empty()) {
event.SetStringKey(kKeyEvidenceLockerFilePath,
result.evidence_locker_filepath());
}
AddAnalysisConnectorVerdictToEvent(result, &event); AddAnalysisConnectorVerdictToEvent(result, &event);
......
...@@ -82,6 +82,7 @@ class SafeBrowsingPrivateEventRouter ...@@ -82,6 +82,7 @@ class SafeBrowsingPrivateEventRouter
static const char kKeyEventResult[]; static const char kKeyEventResult[];
static const char kKeyMalwareFamily[]; static const char kKeyMalwareFamily[];
static const char kKeyMalwareCategory[]; static const char kKeyMalwareCategory[];
static const char kKeyEvidenceLockerFilePath[];
static const char kKeyPasswordReuseEvent[]; static const char kKeyPasswordReuseEvent[];
static const char kKeyPasswordChangedEvent[]; static const char kKeyPasswordChangedEvent[];
...@@ -261,16 +262,18 @@ class SafeBrowsingPrivateEventRouter ...@@ -261,16 +262,18 @@ class SafeBrowsingPrivateEventRouter
std::string GetProfileUserName() const; std::string GetProfileUserName() const;
// Notifies listeners that deep scanning detected a dangerous download. // Notifies listeners that deep scanning detected a dangerous download.
void OnDangerousDeepScanningResult(const GURL& url, void OnDangerousDeepScanningResult(
const std::string& file_name, const GURL& url,
const std::string& download_digest_sha256, const std::string& file_name,
const std::string& threat_type, const std::string& download_digest_sha256,
const std::string& mime_type, const std::string& threat_type,
const std::string& trigger, const std::string& mime_type,
const int64_t content_size, const std::string& trigger,
safe_browsing::EventResult event_result, const int64_t content_size,
const std::string& malware_family, safe_browsing::EventResult event_result,
const std::string& malware_category); const std::string& malware_family,
const std::string& malware_category,
const std::string& evidence_locker_filepath);
// Notifies listeners that the analysis connector detected a violation. // Notifies listeners that the analysis connector detected a violation.
void OnSensitiveDataEvent( void OnSensitiveDataEvent(
......
...@@ -103,10 +103,11 @@ message ContentAnalysisResponse { ...@@ -103,10 +103,11 @@ message ContentAnalysisResponse {
} }
repeated TriggeredRule triggered_rules = 3; repeated TriggeredRule triggered_rules = 3;
// TODO(crbug.com/1147036): Remove fields 4-5 once a definitive approach is // TODO(crbug.com/1147036): Remove fields 4-6 once a definitive approach is
// agreed upon. // agreed upon.
optional string malware_family = 4; optional string malware_family = 4;
optional string malware_category = 5; optional string malware_category = 5;
optional string evidence_locker_filepath = 6;
} }
repeated Result results = 4; repeated Result results = 4;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment