zip_analyzer.cc revision c2e0dbddbe15c98d52c4786dac06cb8952a8ae6d
12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chrome/common/safe_browsing/zip_analyzer.h" 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/logging.h" 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chrome/common/safe_browsing/download_protection_util.h" 9c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "third_party/zlib/google/zip_reader.h" 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace safe_browsing { 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace zip_analyzer { 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void AnalyzeZipFile(base::PlatformFile zip_file, Results* results) { 152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) zip::ZipReader reader; 162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) if (!reader.OpenFromPlatformFile(zip_file)) { 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) VLOG(1) << "Failed to open zip file"; 182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) return; 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 21c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) bool advanced = true; 22c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) for (; reader.HasMore(); advanced = reader.AdvanceToNextEntry()) { 23c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!advanced) { 24c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) VLOG(1) << "Could not advance to next entry, aborting zip scan."; 25c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return; 26c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) if (!reader.OpenCurrentEntryInZip()) { 282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) VLOG(1) << "Failed to open current entry in zip file"; 292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) continue; 302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const base::FilePath& file = reader.current_entry_info()->file_path(); 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) if (download_protection_util::IsBinaryFile(file)) { 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Don't consider an archived archive to be executable, but record 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // a histogram. 352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) if (download_protection_util::IsArchiveFile(file)) { 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) results->has_archive = true; 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } else { 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) VLOG(2) << "Downloaded a zipped executable: " << file.value(); 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) results->has_executable = true; 402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) break; 412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } else { 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) VLOG(3) << "Ignoring non-binary file: " << file.value(); 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) results->success = true; 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace zip_analyzer 502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace safe_browsing 51