From 64df1add6f9fe6e26f559604feec50e84acf1ae4 Mon Sep 17 00:00:00 2001 From: robertshield Date: Tue, 26 Aug 2014 16:42:17 -0700 Subject: [PATCH] Report on blacklist incidents. BUG=394352 TEST=NONE Review URL: https://codereview.chromium.org/433513008 Cr-Commit-Position: refs/heads/master@{#292033} --- chrome/browser/chrome_elf_init_unittest_win.cc | 35 ----------- chrome/browser/chrome_elf_init_win.cc | 23 ------- chrome/browser/chrome_elf_init_win.h | 8 --- .../incident_reporting/blacklist_load_analyzer.cc | 32 ++++++++++ .../incident_reporting/blacklist_load_analyzer.h | 29 +++++++++ .../blacklist_load_analyzer_win.cc | 70 ++++++++++++++++++++++ .../blacklist_load_analyzer_win_unittest.cc | 51 ++++++++++++++++ .../blacklist_load_incident_handlers.cc | 26 ++++++++ .../blacklist_load_incident_handlers.h | 26 ++++++++ .../blacklist_load_incident_handlers_unittest.cc | 61 +++++++++++++++++++ .../incident_reporting_service.cc | 16 ++++- .../browser/safe_browsing/safe_browsing_service.cc | 2 + chrome/chrome_browser.gypi | 5 ++ chrome/chrome_tests_unit.gypi | 2 + chrome/common/safe_browsing/csd.proto | 6 ++ 15 files changed, 323 insertions(+), 69 deletions(-) create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.cc create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win.cc create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win_unittest.cc create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.cc create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h create mode 100644 chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers_unittest.cc diff --git a/chrome/browser/chrome_elf_init_unittest_win.cc b/chrome/browser/chrome_elf_init_unittest_win.cc index c6e362874fce..47e9e4270f34 100644 --- a/chrome/browser/chrome_elf_init_unittest_win.cc +++ b/chrome/browser/chrome_elf_init_unittest_win.cc @@ -5,17 +5,12 @@ #include "chrome/browser/chrome_elf_init_win.h" #include "base/basictypes.h" -#include "base/files/file_path.h" #include "base/memory/scoped_ptr.h" #include "base/metrics/field_trial.h" -#include "base/path_service.h" -#include "base/scoped_native_library.h" #include "base/strings/string16.h" -#include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "base/test/test_reg_util_win.h" #include "chrome/common/chrome_version_info.h" -#include "chrome_elf/blacklist/blacklist.h" #include "chrome_elf/chrome_elf_constants.h" #include "components/variations/entropy_provider.h" #include "components/variations/variations_associated_data.h" @@ -25,7 +20,6 @@ namespace { const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled"; -const wchar_t kTestDllName[] = L"blacklist_test_dll_1.dll"; class ChromeBlacklistTrialTest : public testing::Test { protected: @@ -200,33 +194,4 @@ TEST_F(ChromeBlacklistTrialTest, AddFinchBlacklistToRegistry) { } } -TEST_F(ChromeBlacklistTrialTest, TestBlacklistBypass) { - base::FilePath current_dir; - ASSERT_TRUE(PathService::Get(base::DIR_EXE, ¤t_dir)); - - // Load test dll. - base::ScopedNativeLibrary dll1(current_dir.Append(kTestDllName)); - - // No blacklisted dll should be found. - std::vector module_names; - EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names)); - EXPECT_TRUE(module_names.empty()); - // For posterity, print any that are. - std::vector::const_iterator module_iter(module_names.begin()); - for (; module_iter != module_names.end(); ++module_iter) { - LOG(ERROR) << "Found blacklisted module: " << *module_iter; - } - - // Add test dll to blacklist - blacklist::AddDllToBlacklist(kTestDllName); - - // Check that the test dll appears in list. - module_names.clear(); - EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names)); - ASSERT_EQ(1, module_names.size()); - EXPECT_STREQ(kTestDllName, - base::StringToLowerASCII( - base::FilePath(module_names[0]).BaseName().value()).c_str()); -} - } // namespace diff --git a/chrome/browser/chrome_elf_init_win.cc b/chrome/browser/chrome_elf_init_win.cc index ce3ad19f20cb..3d568a69a46a 100644 --- a/chrome/browser/chrome_elf_init_win.cc +++ b/chrome/browser/chrome_elf_init_win.cc @@ -3,16 +3,12 @@ // found in the LICENSE file. #include "base/bind.h" -#include "base/files/file_path.h" #include "base/metrics/field_trial.h" #include "base/metrics/histogram.h" #include "base/metrics/sparse_histogram.h" -#include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "base/win/registry.h" #include "chrome/browser/chrome_elf_init_win.h" -#include "chrome/browser/install_verification/win/module_info.h" -#include "chrome/browser/install_verification/win/module_verification_common.h" #include "chrome_elf/blacklist/blacklist.h" #include "chrome_elf/chrome_elf_constants.h" #include "chrome_elf/dll_hash/dll_hash.h" @@ -208,22 +204,3 @@ void BrowserBlacklistBeaconSetup() { RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); } } - -bool GetLoadedBlacklistedModules(std::vector* module_names) { - DCHECK(module_names); - - std::set module_info_set; - if (!GetLoadedModules(&module_info_set)) - return false; - - std::set::const_iterator module_iter(module_info_set.begin()); - for (; module_iter != module_info_set.end(); ++module_iter) { - base::string16 module_file_name(base::StringToLowerASCII( - base::FilePath(module_iter->name).BaseName().value())); - if (blacklist::GetBlacklistIndex(module_file_name.c_str()) != -1) { - module_names->push_back(module_iter->name); - } - } - - return true; -} diff --git a/chrome/browser/chrome_elf_init_win.h b/chrome/browser/chrome_elf_init_win.h index ade729a12d9f..84d3da49e49f 100644 --- a/chrome/browser/chrome_elf_init_win.h +++ b/chrome/browser/chrome_elf_init_win.h @@ -5,10 +5,6 @@ #ifndef CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_ #define CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_ -#include - -#include "base/strings/string16.h" - // Field trial name and full name for the blacklist disabled group. extern const char kBrowserBlacklistTrialName[]; extern const char kBrowserBlacklistTrialDisabledGroupName[]; @@ -23,8 +19,4 @@ void AddFinchBlacklistToRegistry(); // Set the required state for an enabled browser blacklist. void BrowserBlacklistBeaconSetup(); -// Retrieves the set of blacklisted modules that are loaded in the process. -// Returns true if successful, false otherwise. -bool GetLoadedBlacklistedModules(std::vector* module_names); - #endif // CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_ diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.cc b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.cc new file mode 100644 index 000000000000..34527ebd2971 --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.cc @@ -0,0 +1,32 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h" + +#include "chrome/browser/browser_process.h" +#include "chrome/browser/safe_browsing/incident_reporting/add_incident_callback.h" +#include "chrome/browser/safe_browsing/safe_browsing_service.h" + +namespace safe_browsing { + +void RegisterBlacklistLoadAnalysis() { +#if defined(OS_WIN) + scoped_refptr safe_browsing_service( + g_browser_process->safe_browsing_service()); + + safe_browsing_service->RegisterDelayedAnalysisCallback( + base::Bind(&VerifyBlacklistLoadState)); +#endif +} + +#if !defined(OS_WIN) +void VerifyBlacklistLoadState(const AddIncidentCallback& callback) { +} + +bool GetLoadedBlacklistedModules(std::vector* module_names) { + return false; +} +#endif // !defined(OS_WIN) + +} // namespace safe_browsing diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h new file mode 100644 index 000000000000..8c5d13f46c5f --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h @@ -0,0 +1,29 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_ANALYZER_H_ +#define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_ANALYZER_H_ + +#include + +#include "base/strings/string16.h" +#include "chrome/browser/safe_browsing/incident_reporting/add_incident_callback.h" + +namespace safe_browsing { + +// Registers a process-wide analysis with the incident reporting service that +// will examine how effective the blacklist was. +void RegisterBlacklistLoadAnalysis(); + +// Retrieves the set of blacklisted modules that are loaded in the process. +// Returns true if successful, false otherwise. +bool GetLoadedBlacklistedModules(std::vector* module_names); + +// Callback to pass to the incident reporting service. The incident reporting +// service will decide when to start the analysis. +void VerifyBlacklistLoadState(const AddIncidentCallback& callback); + +} // namespace safe_browsing + +#endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_ANALYZER_H_ diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win.cc b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win.cc new file mode 100644 index 000000000000..1321ee2d6f12 --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win.cc @@ -0,0 +1,70 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h" + +#include "base/files/file_path.h" +#include "base/logging.h" +#include "base/metrics/histogram.h" +#include "base/strings/string_number_conversions.h" +#include "base/strings/string_util.h" +#include "base/strings/utf_string_conversions.h" +#include "chrome/browser/install_verification/win/module_info.h" +#include "chrome/browser/install_verification/win/module_verification_common.h" +#include "chrome/browser/safe_browsing/binary_feature_extractor.h" +#include "chrome/browser/safe_browsing/incident_reporting/add_incident_callback.h" +#include "chrome/browser/safe_browsing/path_sanitizer.h" +#include "chrome/browser/safe_browsing/safe_browsing_service.h" +#include "chrome/common/safe_browsing/csd.pb.h" +#include "chrome_elf/blacklist/blacklist.h" + +namespace safe_browsing { + +// Retrieves the set of blacklisted modules that are loaded in the process. +// Returns true if successful, false otherwise. +bool GetLoadedBlacklistedModules(std::vector* module_names) { + DCHECK(module_names); + + std::set module_info_set; + if (!GetLoadedModules(&module_info_set)) + return false; + + std::set::const_iterator module_iter(module_info_set.begin()); + for (; module_iter != module_info_set.end(); ++module_iter) { + base::string16 module_file_name(base::StringToLowerASCII( + base::FilePath(module_iter->name).BaseName().value())); + if (blacklist::GetBlacklistIndex(module_file_name.c_str()) != -1) { + module_names->push_back(module_iter->name); + } + } + + return true; +} + +void VerifyBlacklistLoadState(const AddIncidentCallback& callback) { + std::vector module_names; + if (GetLoadedBlacklistedModules(&module_names)) { + PathSanitizer path_sanitizer; + + std::vector::const_iterator module_iter( + module_names.begin()); + for (; module_iter != module_names.end(); ++module_iter) { + scoped_ptr incident_data( + new ClientIncidentReport_IncidentData()); + ClientIncidentReport_IncidentData_BlacklistLoadIncident* blacklist_load = + incident_data->mutable_blacklist_load(); + + base::FilePath module_path(*module_iter); + path_sanitizer.StripHomeDirectory(&module_path); + + blacklist_load->set_path(base::WideToUTF8(module_path.value())); + // TODO(robertshield): Add computation of file digest and version here. + + // Send the report. + callback.Run(incident_data.Pass()); + } + } +} + +} // namespace safe_browsing diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win_unittest.cc b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win_unittest.cc new file mode 100644 index 000000000000..6edafbf83893 --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win_unittest.cc @@ -0,0 +1,51 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h" + +#include + +#include "base/files/file_path.h" +#include "base/path_service.h" +#include "base/scoped_native_library.h" +#include "base/strings/string_util.h" +#include "chrome_elf/blacklist/blacklist.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace { +const wchar_t kTestDllName[] = L"blacklist_test_dll_1.dll"; +} + +namespace safe_browsing { + +TEST(BlacklistLoadAnalyzer, TestBlacklistBypass) { + base::FilePath current_dir; + ASSERT_TRUE(PathService::Get(base::DIR_EXE, ¤t_dir)); + + // Load test dll. + base::ScopedNativeLibrary dll1(current_dir.Append(kTestDllName)); + + // No blacklisted dlls should be found. + std::vector module_names; + EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names)); + EXPECT_TRUE(module_names.empty()); + + std::vector::const_iterator module_iter(module_names.begin()); + for (; module_iter != module_names.end(); ++module_iter) { + LOG(ERROR) << "Found blacklisted module: " << *module_iter; + } + + // Add test dll to blacklist + blacklist::AddDllToBlacklist(kTestDllName); + + // Check that the test dll appears in list. + module_names.clear(); + EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names)); + ASSERT_EQ(1, module_names.size()); + EXPECT_STREQ(kTestDllName, + base::StringToLowerASCII( + base::FilePath(module_names[0]).BaseName().value()).c_str()); +} + +} // namespace safe_browsing diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.cc b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.cc new file mode 100644 index 000000000000..1847837211cd --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.cc @@ -0,0 +1,26 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h" + +#include "base/logging.h" +#include "chrome/browser/safe_browsing/incident_reporting/incident_handler_util.h" +#include "chrome/common/safe_browsing/csd.pb.h" + +namespace safe_browsing { + +std::string GetBlacklistLoadIncidentKey( + const ClientIncidentReport_IncidentData& incident_data) { + DCHECK(incident_data.has_blacklist_load()); + DCHECK(incident_data.blacklist_load().has_path()); + return incident_data.blacklist_load().path(); +} + +uint32_t GetBlacklistLoadIncidentDigest( + const ClientIncidentReport_IncidentData& incident_data) { + DCHECK(incident_data.has_blacklist_load()); + return HashMessage(incident_data.blacklist_load()); +} + +} // namespace safe_browsing diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h new file mode 100644 index 000000000000..61367c9bd506 --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h @@ -0,0 +1,26 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_INCIDENT_HANDLERS_H_ +#define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_INCIDENT_HANDLERS_H_ + +#include + +#include + +namespace safe_browsing { + +class ClientIncidentReport_IncidentData; + +// Returns the path of the loaded blacklisted module. +std::string GetBlacklistLoadIncidentKey( + const ClientIncidentReport_IncidentData& incident_data); + +// Returns a digest of the loaded blacklisted module. +uint32_t GetBlacklistLoadIncidentDigest( + const ClientIncidentReport_IncidentData& incident_data); + +} // namespace safe_browsing + +#endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BLACKLIST_LOAD_INCIDENT_HANDLERS_H_ diff --git a/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers_unittest.cc b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers_unittest.cc new file mode 100644 index 000000000000..b63349fd7c88 --- /dev/null +++ b/chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers_unittest.cc @@ -0,0 +1,61 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h" + +#include "base/memory/scoped_ptr.h" +#include "chrome/common/safe_browsing/csd.pb.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace { + +scoped_ptr MakeIncident() { + scoped_ptr incident( + new safe_browsing::ClientIncidentReport_IncidentData); + incident->mutable_blacklist_load()->set_path("foo"); + return incident.Pass(); +} + +} // namespace + +// Tests that GetKey returns the dll path. +TEST(GetBlacklistLoadIncidentKey, KeyIsPath) { + safe_browsing::ClientIncidentReport_IncidentData incident; + + incident.mutable_blacklist_load()->set_path("foo"); + ASSERT_EQ(std::string("foo"), + safe_browsing::GetBlacklistLoadIncidentKey(incident)); +} + +// Tests that GetDigest returns the same value for the same incident. +TEST(GetBlacklistLoadIncidentDigest, SameIncidentSameDigest) { + scoped_ptr incident( + MakeIncident()); + + uint32_t digest = safe_browsing::GetBlacklistLoadIncidentDigest(*incident); + ASSERT_EQ(digest, + safe_browsing::GetBlacklistLoadIncidentDigest(*MakeIncident())); +} + +// Tests that GetDigest returns different values for different incidents. +TEST(GetBlacklistLoadIncidentDigest, DifferentIncidentDifferentDigest) { + scoped_ptr incident( + MakeIncident()); + scoped_ptr digest_proto( + new safe_browsing::ClientDownloadRequest_Digests); + digest_proto->set_sha256("37"); + incident->mutable_blacklist_load()->set_allocated_digest( + digest_proto.release()); + + scoped_ptr incident2( + MakeIncident()); + scoped_ptr digest_proto2( + new safe_browsing::ClientDownloadRequest_Digests); + digest_proto2->set_sha256("42"); + incident2->mutable_blacklist_load()->set_allocated_digest( + digest_proto2.release()); + + ASSERT_NE(safe_browsing::GetBlacklistLoadIncidentDigest(*incident), + safe_browsing::GetBlacklistLoadIncidentDigest(*incident2)); +} diff --git a/chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.cc b/chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.cc index 41f76c06a300..38845ec84ad8 100644 --- a/chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.cc +++ b/chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.cc @@ -25,6 +25,7 @@ #include "chrome/browser/profiles/profile.h" #include "chrome/browser/safe_browsing/database_manager.h" #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_incident_handlers.h" +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h" #include "chrome/browser/safe_browsing/incident_reporting/environment_data_collection.h" #include "chrome/browser/safe_browsing/incident_reporting/incident_report_uploader_impl.h" #include "chrome/browser/safe_browsing/incident_reporting/preference_validation_delegate.h" @@ -47,8 +48,9 @@ enum IncidentType { // the histogram. TRACKED_PREFERENCE = 1, BINARY_INTEGRITY = 2, + BLACKLIST_LOAD = 3, // Values for new incident types go here. - NUM_INCIDENT_TYPES + NUM_INCIDENT_TYPES = 4 }; // The action taken for an incident; used for user metrics (see @@ -85,6 +87,8 @@ size_t CountIncidents(const ClientIncidentReport_IncidentData& incident) { ++result; if (incident.has_binary_integrity()) ++result; + if (incident.has_blacklist_load()) + ++result; // Add detection for new incident types here. return result; } @@ -96,9 +100,11 @@ IncidentType GetIncidentType( return TRACKED_PREFERENCE; if (incident_data.has_binary_integrity()) return BINARY_INTEGRITY; + if (incident_data.has_blacklist_load()) + return BLACKLIST_LOAD; // Add detection for new incident types here. - COMPILE_ASSERT(BINARY_INTEGRITY + 1 == NUM_INCIDENT_TYPES, + COMPILE_ASSERT(BLACKLIST_LOAD + 1 == NUM_INCIDENT_TYPES, add_support_for_new_types); NOTREACHED(); return NUM_INCIDENT_TYPES; @@ -131,9 +137,13 @@ PersistentIncidentState ComputeIncidentState( state.key = GetBinaryIntegrityIncidentKey(incident); state.digest = GetBinaryIntegrityIncidentDigest(incident); break; + case BLACKLIST_LOAD: + state.key = GetBlacklistLoadIncidentKey(incident); + state.digest = GetBlacklistLoadIncidentDigest(incident); + break; // Add handling for new incident types here. default: - COMPILE_ASSERT(BINARY_INTEGRITY + 1 == NUM_INCIDENT_TYPES, + COMPILE_ASSERT(BLACKLIST_LOAD + 1 == NUM_INCIDENT_TYPES, add_support_for_new_types); NOTREACHED(); break; diff --git a/chrome/browser/safe_browsing/safe_browsing_service.cc b/chrome/browser/safe_browsing/safe_browsing_service.cc index 72fa15648fad..6fcab2ea7814 100644 --- a/chrome/browser/safe_browsing/safe_browsing_service.cc +++ b/chrome/browser/safe_browsing/safe_browsing_service.cc @@ -28,6 +28,7 @@ #include "chrome/browser/safe_browsing/database_manager.h" #include "chrome/browser/safe_browsing/download_protection_service.h" #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h" +#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h" #include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.h" #include "chrome/browser/safe_browsing/malware_details.h" #include "chrome/browser/safe_browsing/ping_manager.h" @@ -360,6 +361,7 @@ SafeBrowsingDatabaseManager* SafeBrowsingService::CreateDatabaseManager() { void SafeBrowsingService::RegisterAllDelayedAnalysis() { safe_browsing::RegisterBinaryIntegrityAnalysis(); + safe_browsing::RegisterBlacklistLoadAnalysis(); } void SafeBrowsingService::InitURLRequestContextOnIOThread( diff --git a/chrome/chrome_browser.gypi b/chrome/chrome_browser.gypi index 629fdd41bc3a..4995c7cae44f 100644 --- a/chrome/chrome_browser.gypi +++ b/chrome/chrome_browser.gypi @@ -2616,6 +2616,11 @@ 'browser/safe_browsing/incident_reporting/binary_integrity_analyzer_win.cc', 'browser/safe_browsing/incident_reporting/binary_integrity_incident_handlers.cc', 'browser/safe_browsing/incident_reporting/binary_integrity_incident_handlers.h', + 'browser/safe_browsing/incident_reporting/blacklist_load_analyzer.cc', + 'browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h', + 'browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win.cc', + 'browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.cc', + 'browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers.h', 'browser/safe_browsing/incident_reporting/delayed_analysis_callback.h', 'browser/safe_browsing/incident_reporting/delayed_callback_runner.cc', 'browser/safe_browsing/incident_reporting/delayed_callback_runner.h', diff --git a/chrome/chrome_tests_unit.gypi b/chrome/chrome_tests_unit.gypi index 7fac8ab74b3c..66bbe97823f5 100644 --- a/chrome/chrome_tests_unit.gypi +++ b/chrome/chrome_tests_unit.gypi @@ -1210,6 +1210,8 @@ 'browser/safe_browsing/download_protection_service_unittest.cc', 'browser/safe_browsing/incident_reporting/binary_integrity_analyzer_win_unittest.cc', 'browser/safe_browsing/incident_reporting/binary_integrity_incident_handlers_unittest.cc', + 'browser/safe_browsing/incident_reporting/blacklist_load_analyzer_win_unittest.cc', + 'browser/safe_browsing/incident_reporting/blacklist_load_incident_handlers_unittest.cc', 'browser/safe_browsing/incident_reporting/delayed_callback_runner_unittest.cc', 'browser/safe_browsing/incident_reporting/environment_data_collection_win_unittest.cc', 'browser/safe_browsing/incident_reporting/incident_report_uploader_impl_unittest.cc', diff --git a/chrome/common/safe_browsing/csd.proto b/chrome/common/safe_browsing/csd.proto index c1c953306406..cfec33bfb1fd 100644 --- a/chrome/common/safe_browsing/csd.proto +++ b/chrome/common/safe_browsing/csd.proto @@ -355,9 +355,15 @@ message ClientIncidentReport { optional string file_basename = 1; optional ClientDownloadRequest.SignatureInfo signature = 2; } + message BlacklistLoadIncident { + optional string path = 1; + optional ClientDownloadRequest.Digests digest = 2; + optional string version = 3; + } optional int64 incident_time_msec = 1; optional TrackedPreferenceIncident tracked_preference = 2; optional BinaryIntegrityIncident binary_integrity = 3; + optional BlacklistLoadIncident blacklist_load = 4; } repeated IncidentData incident = 1; -- 2.11.4.GIT