1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h" 6 7#include "base/bind.h" 8#include "base/files/file_util.h" 9#include "base/files/scoped_temp_dir.h" 10#include "base/memory/scoped_ptr.h" 11#include "base/path_service.h" 12#include "base/test/scoped_path_override.h" 13#include "chrome/common/chrome_paths.h" 14#include "chrome/common/safe_browsing/csd.pb.h" 15#include "testing/gmock/include/gmock/gmock.h" 16#include "testing/gtest/include/gtest/gtest.h" 17#include "version.h" // NOLINT 18 19namespace safe_browsing { 20 21namespace { 22 23const wchar_t kChromeDll[] = L"chrome.dll"; 24const wchar_t kChromeChildDll[] = L"chrome_child.dll"; 25const wchar_t kChromeElfDll[] = L"chrome_elf.dll"; 26const wchar_t kChromeExe[] = L"chrome.exe"; 27const wchar_t kSignedBinaryDll[] = L"signed_binary.dll"; 28 29// Helper function to erase the content of a binary to make sure the signature 30// verification will fail. 31bool EraseFileContent(const base::FilePath& file_path) { 32 FILE* file = base::OpenFile(file_path, "w"); 33 34 if (file == NULL) 35 return false; 36 37 bool success = base::TruncateFile(file); 38 return base::CloseFile(file) && success; 39} 40 41} // namespace 42 43class BinaryIntegrityAnalyzerWinTest : public ::testing::Test { 44 public: 45 BinaryIntegrityAnalyzerWinTest(); 46 47 void OnAddIncident( 48 scoped_ptr<ClientIncidentReport_IncidentData> incident_data); 49 50 protected: 51 bool callback_called_; 52 base::FilePath test_data_dir_; 53 base::ScopedTempDir temp_dir_; 54 scoped_ptr<base::ScopedPathOverride> exe_dir_override_; 55 scoped_ptr<ClientIncidentReport_IncidentData> incident_data_; 56}; 57 58BinaryIntegrityAnalyzerWinTest::BinaryIntegrityAnalyzerWinTest() 59 : callback_called_(false) { 60 temp_dir_.CreateUniqueTempDir(); 61 base::CreateDirectory(temp_dir_.path().AppendASCII(CHROME_VERSION_STRING)); 62 63 // We retrieve DIR_TEST_DATA here because it is based on DIR_EXE and we are 64 // about to override the path to the latter. 65 if (!PathService::Get(chrome::DIR_TEST_DATA, &test_data_dir_)) 66 NOTREACHED(); 67 68 exe_dir_override_.reset( 69 new base::ScopedPathOverride(base::DIR_EXE, temp_dir_.path())); 70} 71 72// Mock the AddIncidentCallback so we can test that VerifyBinaryIntegrity 73// adds an incident callback when a signature verification fails. 74void BinaryIntegrityAnalyzerWinTest::OnAddIncident( 75 scoped_ptr<ClientIncidentReport_IncidentData> incident_data) { 76 callback_called_ = true; 77 78 // Take ownership of the incident so that the text fixture can inspect it. 79 incident_data_ = incident_data.Pass(); 80} 81 82TEST_F(BinaryIntegrityAnalyzerWinTest, GetCriticalBinariesPath) { 83 // Expected paths. 84 std::vector<base::FilePath> critical_binaries_path_expected; 85 critical_binaries_path_expected.push_back( 86 temp_dir_.path().Append(kChromeExe)); 87 critical_binaries_path_expected.push_back( 88 temp_dir_.path().AppendASCII(CHROME_VERSION_STRING).Append(kChromeDll)); 89 critical_binaries_path_expected.push_back( 90 temp_dir_.path().AppendASCII(CHROME_VERSION_STRING).Append( 91 kChromeChildDll)); 92 critical_binaries_path_expected.push_back( 93 temp_dir_.path().AppendASCII(CHROME_VERSION_STRING).Append( 94 kChromeElfDll)); 95 96 std::vector<base::FilePath> critical_binaries_path = 97 GetCriticalBinariesPath(); 98 99 ASSERT_THAT(critical_binaries_path, 100 ::testing::ContainerEq(critical_binaries_path_expected)); 101} 102 103TEST_F(BinaryIntegrityAnalyzerWinTest, VerifyBinaryIntegrity) { 104 // Copy the signed dll to the temp exe directory. 105 base::FilePath signed_binary_path(test_data_dir_); 106 signed_binary_path = 107 signed_binary_path.Append(L"safe_browsing").Append(kSignedBinaryDll); 108 109 base::FilePath chrome_elf_path(temp_dir_.path()); 110 chrome_elf_path = 111 chrome_elf_path.Append(TEXT(CHROME_VERSION_STRING)).Append(kChromeElfDll); 112 113 ASSERT_TRUE(base::CopyFile(signed_binary_path, chrome_elf_path)); 114 115 AddIncidentCallback callback = base::Bind( 116 &BinaryIntegrityAnalyzerWinTest::OnAddIncident, base::Unretained(this)); 117 118 VerifyBinaryIntegrity(callback); 119 ASSERT_FALSE(callback_called_); 120 121 ASSERT_TRUE(EraseFileContent(chrome_elf_path)); 122 123 VerifyBinaryIntegrity(callback); 124 ASSERT_TRUE(callback_called_); 125 126 // Verify that the incident report contains the expected data. 127 ASSERT_TRUE(incident_data_->has_binary_integrity()); 128 ASSERT_TRUE(incident_data_->binary_integrity().has_file_basename()); 129 ASSERT_EQ("chrome_elf.dll", 130 incident_data_->binary_integrity().file_basename()); 131 ASSERT_TRUE(incident_data_->binary_integrity().has_signature()); 132} 133 134} // namespace safe_browsing 135