1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/safe_browsing/incident_reporting/blacklist_load_analyzer.h" 6 7#include "base/files/file_path.h" 8#include "base/logging.h" 9#include "base/metrics/histogram.h" 10#include "base/strings/string_number_conversions.h" 11#include "base/strings/string_util.h" 12#include "base/strings/utf_string_conversions.h" 13#include "chrome/browser/install_verification/win/module_info.h" 14#include "chrome/browser/install_verification/win/module_verification_common.h" 15#include "chrome/browser/safe_browsing/binary_feature_extractor.h" 16#include "chrome/browser/safe_browsing/incident_reporting/add_incident_callback.h" 17#include "chrome/browser/safe_browsing/path_sanitizer.h" 18#include "chrome/browser/safe_browsing/safe_browsing_service.h" 19#include "chrome/common/safe_browsing/csd.pb.h" 20#include "chrome_elf/blacklist/blacklist.h" 21 22namespace safe_browsing { 23 24// Retrieves the set of blacklisted modules that are loaded in the process. 25// Returns true if successful, false otherwise. 26bool GetLoadedBlacklistedModules(std::vector<base::string16>* module_names) { 27 DCHECK(module_names); 28 29 std::set<ModuleInfo> module_info_set; 30 if (!GetLoadedModules(&module_info_set)) 31 return false; 32 33 std::set<ModuleInfo>::const_iterator module_iter(module_info_set.begin()); 34 for (; module_iter != module_info_set.end(); ++module_iter) { 35 base::string16 module_file_name(base::StringToLowerASCII( 36 base::FilePath(module_iter->name).BaseName().value())); 37 if (blacklist::GetBlacklistIndex(module_file_name.c_str()) != -1) { 38 module_names->push_back(module_iter->name); 39 } 40 } 41 42 return true; 43} 44 45void VerifyBlacklistLoadState(const AddIncidentCallback& callback) { 46 std::vector<base::string16> module_names; 47 if (GetLoadedBlacklistedModules(&module_names)) { 48 PathSanitizer path_sanitizer; 49 50 const bool blacklist_intialized = blacklist::IsBlacklistInitialized(); 51 52 std::vector<base::string16>::const_iterator module_iter( 53 module_names.begin()); 54 for (; module_iter != module_names.end(); ++module_iter) { 55 scoped_ptr<ClientIncidentReport_IncidentData> incident_data( 56 new ClientIncidentReport_IncidentData()); 57 ClientIncidentReport_IncidentData_BlacklistLoadIncident* blacklist_load = 58 incident_data->mutable_blacklist_load(); 59 60 base::FilePath module_path(*module_iter); 61 path_sanitizer.StripHomeDirectory(&module_path); 62 63 blacklist_load->set_path(base::WideToUTF8(module_path.value())); 64 // TODO(robertshield): Add computation of file digest and version here. 65 66 blacklist_load->set_blacklist_initialized(blacklist_intialized); 67 68 // Send the report. 69 callback.Run(incident_data.Pass()); 70 } 71 } 72} 73 74} // namespace safe_browsing 75