Skip to content

GitLab

T
tangled
Commit b17e691a authored by nparker's avatar nparker Committed by Commit bot
Browse files
Options

Correctly hash the input of MatchModuleWhitelistString() in pver4. 

Also add a test.

BUG=673827

Review-Url: https://codereview.chromium.org/2577963004
Cr-Commit-Position: refs/heads/master@{#438951}
parent 7e3bbed6
Hide whitespace changes
Inline Side-by-side
Showing with 28 additions and 1 deletion
components/safe_browsing_db/v4_local_database_manager.cc
View file @ b17e691a
...@@ -17,6 +17,7 @@ ...@@ -17,6 +17,7 @@
#include "components/safe_browsing_db/v4_feature_list.h" #include "components/safe_browsing_db/v4_feature_list.h"
#include "components/safe_browsing_db/v4_protocol_manager_util.h" #include "components/safe_browsing_db/v4_protocol_manager_util.h"
#include "content/public/browser/browser_thread.h" #include "content/public/browser/browser_thread.h"
#include "crypto/sha2.h"
using content::BrowserThread; using content::BrowserThread;
using base::TimeTicks; using base::TimeTicks;
...@@ -312,8 +313,10 @@ bool V4LocalDatabaseManager::MatchModuleWhitelistString( ...@@ -312,8 +313,10 @@ bool V4LocalDatabaseManager::MatchModuleWhitelistString(
return true; return true;
} }
// str is the module's filename. Convert to hash.
FullHash hash = crypto::SHA256HashString(str);
return HandleHashSynchronously( return HandleHashSynchronously(
str, StoresToCheck({GetChromeFilenameClientIncidentId()})); hash, StoresToCheck({GetChromeFilenameClientIncidentId()}));
} }
ThreatSource V4LocalDatabaseManager::GetThreatSource() const { ThreatSource V4LocalDatabaseManager::GetThreatSource() const {
......
components/safe_browsing_db/v4_local_database_manager_unittest.cc
View file @ b17e691a
...@@ -11,6 +11,7 @@ ...@@ -11,6 +11,7 @@
#include "components/safe_browsing_db/v4_local_database_manager.h" #include "components/safe_browsing_db/v4_local_database_manager.h"
#include "components/safe_browsing_db/v4_test_util.h" #include "components/safe_browsing_db/v4_test_util.h"
#include "content/public/test/test_browser_thread_bundle.h" #include "content/public/test/test_browser_thread_bundle.h"
#include "crypto/sha2.h"
#include "net/url_request/test_url_fetcher_factory.h" #include "net/url_request/test_url_fetcher_factory.h"
#include "testing/platform_test.h" #include "testing/platform_test.h"
...@@ -407,4 +408,27 @@ TEST_F(V4LocalDatabaseManagerTest, TestMatchMalwareIP) { ...@@ -407,4 +408,27 @@ TEST_F(V4LocalDatabaseManagerTest, TestMatchMalwareIP) {
v4_local_database_manager_)); v4_local_database_manager_));
} }
TEST_F(V4LocalDatabaseManagerTest, TestMatchModuleWhitelist) {
StopLocalDatabaseManager();
v4_local_database_manager_ =
make_scoped_refptr(new FakeV4LocalDatabaseManager(base_dir_.GetPath()));
SetTaskRunnerForTest();
StartLocalDatabaseManager();
WaitForTasksOnTaskRunner();
StoreAndHashPrefixes store_and_hash_prefixes;
store_and_hash_prefixes.emplace_back(GetChromeFilenameClientIncidentId(),
crypto::SHA256HashString("chrome.dll"));
ReplaceV4Database(store_and_hash_prefixes);
// No match -- i.e. not whitelisted
EXPECT_FALSE(
v4_local_database_manager_->MatchModuleWhitelistString("badstuff.dll"));
// Whitelisted.
EXPECT_TRUE(
v4_local_database_manager_->MatchModuleWhitelistString("chrome.dll"));
}
} // namespace safe_browsing } // namespace safe_browsing
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment