diff options
| author | shess@chromium.org <shess@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-02-21 20:29:48 +0000 |
|---|---|---|
| committer | shess@chromium.org <shess@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-02-21 20:29:48 +0000 |
| commit | 8b6d9cb41eb4f61218fb26e7ad9923c91c5d130a (patch) | |
| tree | c8f03a4f31b1e1db8501935985d60897b4996481 | |
| parent | c8fcfcf6986774d91b391ffa1b9ef8df49a2e815 (diff) | |
| download | chromium_src-8b6d9cb41eb4f61218fb26e7ad9923c91c5d130a.zip chromium_src-8b6d9cb41eb4f61218fb26e7ad9923c91c5d130a.tar.gz chromium_src-8b6d9cb41eb4f61218fb26e7ad9923c91c5d130a.tar.bz2 | |
[safe browsing] Remove stale BINHASH code.
Safe browsing stopped requesting the download hash list a few years ago,
and the histograms from r150369 (Delete stale chunks from safe-browsing
downloads store) no longer show any hits at all. Remove remaining stale
code.
BUG=108130
Review URL: https://codereview.chromium.org/172393005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@252630 0039d316-1c4b-4281-b951-d872f2087c98
13 files changed, 54 insertions, 341 deletions
diff --git a/chrome/browser/safe_browsing/database_manager.cc b/chrome/browser/safe_browsing/database_manager.cc index c0f5e355..acf922f 100644 --- a/chrome/browser/safe_browsing/database_manager.cc +++ b/chrome/browser/safe_browsing/database_manager.cc @@ -56,8 +56,7 @@ void RecordGetHashCheckStatus( } else { result = SafeBrowsingProtocolManager::GET_HASH_FULL_HASH_MISS; } - bool is_download = check_type == safe_browsing_util::BINURL || - check_type == safe_browsing_util::BINHASH; + bool is_download = check_type == safe_browsing_util::BINURL; SafeBrowsingProtocolManager::RecordGetHashResult(is_download, result); } @@ -115,12 +114,6 @@ void SafeBrowsingDatabaseManager::Client::OnSafeBrowsingResult( } } else if (!check.full_hashes.empty()) { switch (check.check_type) { - case safe_browsing_util::BINHASH: - DCHECK_EQ(1u, check.full_hashes.size()); - OnCheckDownloadHashResult( - safe_browsing_util::SBFullHashToString(check.full_hashes[0]), - check.full_hash_results[0]); - break; case safe_browsing_util::EXTENSIONBLACKLIST: { std::set<std::string> unsafe_extension_ids; for (size_t i = 0; i < check.full_hashes.size(); ++i) { @@ -234,32 +227,6 @@ bool SafeBrowsingDatabaseManager::CheckDownloadUrl( return false; } -bool SafeBrowsingDatabaseManager::CheckDownloadHash( - const std::string& full_hash, - Client* client) { - DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); - DCHECK(!full_hash.empty()); - if (!enabled_ || !enable_download_protection_ || full_hash.empty()) - return true; - - // We need to check the database for url prefix, and later may fetch the url - // from the safebrowsing backends. These need to be asynchronous. - std::vector<SBFullHash> full_hashes( - 1, safe_browsing_util::StringToSBFullHash(full_hash)); - SafeBrowsingCheck* check = - new SafeBrowsingCheck(std::vector<GURL>(), - full_hashes, - client, - safe_browsing_util::BINHASH, - std::vector<SBThreatType>(1, - SB_THREAT_TYPE_BINARY_MALWARE_HASH)); - StartSafeBrowsingCheck( - check, - base::Bind(&SafeBrowsingDatabaseManager::CheckDownloadHashOnSBThread,this, - check)); - return false; -} - bool SafeBrowsingDatabaseManager::CheckExtensionIDs( const std::set<std::string>& extension_ids, Client* client) { @@ -735,8 +702,7 @@ void SafeBrowsingDatabaseManager::OnCheckDone(SafeBrowsingCheck* check) { check->start = base::TimeTicks::Now(); // Note: If |this| is deleted or stopped, the protocol_manager will // be destroyed as well - hence it's OK to do unretained in this case. - bool is_download = check->check_type == safe_browsing_util::BINURL || - check->check_type == safe_browsing_util::BINHASH; + bool is_download = check->check_type == safe_browsing_util::BINURL; sb_service_->protocol_manager()->GetFullHash( check->prefix_hits, base::Bind(&SafeBrowsingDatabaseManager::HandleGetHashResults, @@ -857,10 +823,6 @@ SBThreatType SafeBrowsingDatabaseManager::GetThreatTypeFromListname( return SB_THREAT_TYPE_BINARY_MALWARE_URL; } - if (safe_browsing_util::IsBadbinhashList(list_name)) { - return SB_THREAT_TYPE_BINARY_MALWARE_HASH; - } - if (safe_browsing_util::IsExtensionList(list_name)) { return SB_THREAT_TYPE_EXTENSION; } @@ -980,31 +942,6 @@ bool SafeBrowsingDatabaseManager::HandleOneCheck( return is_threat; } -void SafeBrowsingDatabaseManager::CheckDownloadHashOnSBThread( - SafeBrowsingCheck* check) { - DCHECK_EQ(base::MessageLoop::current(), - safe_browsing_thread_->message_loop()); - DCHECK(enable_download_protection_); - - DCHECK_EQ(1u, check->full_hashes.size()); - SBFullHash full_hash = check->full_hashes[0]; - - if (!database_->ContainsDownloadHashPrefix(full_hash.prefix)) { - // Good, we don't have hash for this url prefix. - BrowserThread::PostTask( - BrowserThread::IO, FROM_HERE, - base::Bind(&SafeBrowsingDatabaseManager::CheckDownloadHashDone, this, - check)); - return; - } - - check->need_get_hash = true; - check->prefix_hits.push_back(full_hash.prefix); - BrowserThread::PostTask( - BrowserThread::IO, FROM_HERE, - base::Bind(&SafeBrowsingDatabaseManager::OnCheckDone, this, check)); -} - void SafeBrowsingDatabaseManager::CheckDownloadUrlOnSBThread( SafeBrowsingCheck* check) { DCHECK_EQ(base::MessageLoop::current(), @@ -1079,12 +1016,6 @@ void SafeBrowsingDatabaseManager::CheckDownloadUrlDone( SafeBrowsingCheckDone(check); } -void SafeBrowsingDatabaseManager::CheckDownloadHashDone( - SafeBrowsingCheck* check) { - DCHECK(enable_download_protection_); - SafeBrowsingCheckDone(check); -} - void SafeBrowsingDatabaseManager::SafeBrowsingCheckDone( SafeBrowsingCheck* check) { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); diff --git a/chrome/browser/safe_browsing/database_manager.h b/chrome/browser/safe_browsing/database_manager.h index 8465367..bba2d67 100644 --- a/chrome/browser/safe_browsing/database_manager.h +++ b/chrome/browser/safe_browsing/database_manager.h @@ -106,10 +106,6 @@ class SafeBrowsingDatabaseManager virtual void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain, SBThreatType threat_type) {} - // Called when the result of checking a download binary hash is known. - virtual void OnCheckDownloadHashResult(const std::string& hash, - SBThreatType threat_type) {} - // Called when the result of checking a set of extensions is known. virtual void OnCheckExtensionsResult( const std::set<std::string>& threats) {} @@ -138,10 +134,6 @@ class SafeBrowsingDatabaseManager virtual bool CheckDownloadUrl(const std::vector<GURL>& url_chain, Client* client); - // Check if the prefix for |full_hash| is in safebrowsing binhash add lists. - // Result will be passed to callback in |client|. - virtual bool CheckDownloadHash(const std::string& full_hash, Client* client); - // Check which prefixes in |extension_ids| are in the safebrowsing blacklist. // Returns true if not, false if further checks need to be made in which case // the result will be passed to |client|. @@ -322,9 +314,6 @@ class SafeBrowsingDatabaseManager bool HandleOneCheck(SafeBrowsingCheck* check, const std::vector<SBFullHashResult>& full_hashes); - // Checks the download hash on safe_browsing_thread_. - void CheckDownloadHashOnSBThread(SafeBrowsingCheck* check); - // Invoked by CheckDownloadUrl. It checks the download URL on // safe_browsing_thread_. void CheckDownloadUrlOnSBThread(SafeBrowsingCheck* check); @@ -336,9 +325,6 @@ class SafeBrowsingDatabaseManager // Calls the Client's callback on IO thread after CheckDownloadUrl finishes. void CheckDownloadUrlDone(SafeBrowsingCheck* check); - // Calls the Client's callback on IO thread after CheckDownloadHash finishes. - void CheckDownloadHashDone(SafeBrowsingCheck* check); - // Checks all extension ID hashes on safe_browsing_thread_. void CheckExtensionIDsOnSBThread(SafeBrowsingCheck* check); diff --git a/chrome/browser/safe_browsing/ping_manager.cc b/chrome/browser/safe_browsing/ping_manager.cc index 41404d03..92b0329 100644 --- a/chrome/browser/safe_browsing/ping_manager.cc +++ b/chrome/browser/safe_browsing/ping_manager.cc @@ -102,7 +102,6 @@ GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || threat_type == SB_THREAT_TYPE_URL_PHISHING || threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || - threat_type == SB_THREAT_TYPE_BINARY_MALWARE_HASH || threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); std::string url = SafeBrowsingProtocolManagerHelper::ComposeUrl( @@ -118,9 +117,6 @@ GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( case SB_THREAT_TYPE_BINARY_MALWARE_URL: threat_list = "binurlhit"; break; - case SB_THREAT_TYPE_BINARY_MALWARE_HASH: - threat_list = "binhashhit"; - break; case SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL: threat_list = "phishcsdhit"; break; diff --git a/chrome/browser/safe_browsing/ping_manager_unittest.cc b/chrome/browser/safe_browsing/ping_manager_unittest.cc index c40fca3..e225912 100644 --- a/chrome/browser/safe_browsing/ping_manager_unittest.cc +++ b/chrome/browser/safe_browsing/ping_manager_unittest.cc @@ -71,15 +71,6 @@ TEST_F(SafeBrowsingPingManagerTest, TestSafeBrowsingHitUrl) { false, SB_THREAT_TYPE_BINARY_MALWARE_URL).spec()); EXPECT_EQ("https://prefix.com/foo/report?client=unittest&appver=1.0&" - "pver=2.2" + key_param_ + "&evts=binhashhit&" - "evtd=http%3A%2F%2Fmalicious.url.com%2F&" - "evtr=http%3A%2F%2Fpage.url.com%2F&evhr=http%3A%2F%2Freferrer." - "url.com%2F&evtb=0", - pm.SafeBrowsingHitUrl( - malicious_url, page_url, referrer_url, - false, SB_THREAT_TYPE_BINARY_MALWARE_HASH).spec()); - - EXPECT_EQ("https://prefix.com/foo/report?client=unittest&appver=1.0&" "pver=2.2" + key_param_ + "&evts=phishcsdhit&" "evtd=http%3A%2F%2Fmalicious.url.com%2F&" "evtr=http%3A%2F%2Fpage.url.com%2F&evhr=http%3A%2F%2Freferrer." diff --git a/chrome/browser/safe_browsing/protocol_parser.cc b/chrome/browser/safe_browsing/protocol_parser.cc index 035de5c..1fb64ef 100644 --- a/chrome/browser/safe_browsing/protocol_parser.cc +++ b/chrome/browser/safe_browsing/protocol_parser.cc @@ -263,8 +263,7 @@ bool SafeBrowsingProtocolParser::ParseAddChunk(const std::string& list_name, SBEntry::Type type = hash_len == sizeof(SBPrefix) ? SBEntry::ADD_PREFIX : SBEntry::ADD_FULL_HASH; - if (list_name == safe_browsing_util::kBinHashList || - list_name == safe_browsing_util::kDownloadWhiteList || + if (list_name == safe_browsing_util::kDownloadWhiteList || list_name == safe_browsing_util::kExtensionBlacklist || list_name == safe_browsing_util::kIPBlacklist) { // These lists only contain prefixes, no HOSTKEY and COUNT. @@ -313,14 +312,13 @@ bool SafeBrowsingProtocolParser::ParseSubChunk(const std::string& list_name, SBEntry::Type type = hash_len == sizeof(SBPrefix) ? SBEntry::SUB_PREFIX : SBEntry::SUB_FULL_HASH; - if (list_name == safe_browsing_util::kBinHashList || - list_name == safe_browsing_util::kDownloadWhiteList || + if (list_name == safe_browsing_util::kDownloadWhiteList || list_name == safe_browsing_util::kExtensionBlacklist || list_name == safe_browsing_util::kIPBlacklist) { SBChunkHost chunk_host; - // Set host to 0 and it won't be used for kBinHashList. + // Set host to 0 and it won't be used. chunk_host.host = 0; - // kBinHashList only contains (add_chunk_number, prefix) pairs, no HOSTKEY + // lists only contain (add_chunk_number, prefix) pairs, no HOSTKEY // and COUNT. |add_chunk_number| is int32. prefix_count = remaining / (sizeof(int32) + hash_len); chunk_host.entry = SBEntry::Create(type, prefix_count); diff --git a/chrome/browser/safe_browsing/protocol_parser_unittest.cc b/chrome/browser/safe_browsing/protocol_parser_unittest.cc index 77b6e22..4b44c55 100644 --- a/chrome/browser/safe_browsing/protocol_parser_unittest.cc +++ b/chrome/browser/safe_browsing/protocol_parser_unittest.cc @@ -180,13 +180,13 @@ TEST(SafeBrowsingProtocolParsingTest, TestAddBigChunk) { EXPECT_EQ(host1.entry->prefix_count(), 5); } -// Test to make sure we could deal with truncated bin hash chunk. -TEST(SafeBrowsingProtocolParsingTest, TestTruncatedBinHashChunk) { +// Test to make sure we could deal with truncated goog-*-digestvar chunk. +TEST(SafeBrowsingProtocolParsingTest, TestTruncatedHashChunk) { // This chunk delares there are 4 prefixes but actually only contains 2. const char add_chunk[] = "a:1:4:16\n11112222"; SafeBrowsingProtocolParser parser; SBChunkList chunks; - bool result = parser.ParseChunk(safe_browsing_util::kBinHashList, + bool result = parser.ParseChunk(safe_browsing_util::kExtensionBlacklist, add_chunk, static_cast<int>(sizeof(add_chunk)), &chunks); @@ -641,7 +641,7 @@ TEST(SafeBrowsingProtocolParsingTest, TestAddBinHashChunks) { SafeBrowsingProtocolParser parser; SBChunkList chunks; bool result = parser.ParseChunk( - safe_browsing_util::kBinHashList, + safe_browsing_util::kExtensionBlacklist, add_chunk.data(), static_cast<int>(add_chunk.length()), &chunks); @@ -677,7 +677,7 @@ TEST(SafeBrowsingProtocolParsingTest, TestAddBigBinHashChunk) { SafeBrowsingProtocolParser parser; SBChunkList chunks; bool result = parser.ParseChunk( - safe_browsing_util::kBinHashList, + safe_browsing_util::kExtensionBlacklist, add_chunk.data(), static_cast<int>(add_chunk.length()), &chunks); @@ -700,7 +700,7 @@ TEST(SafeBrowsingProtocolParsingTest, TestSubBinHashChunk) { SafeBrowsingProtocolParser parser; SBChunkList chunks; bool result = parser.ParseChunk( - safe_browsing_util::kBinHashList, + safe_browsing_util::kExtensionBlacklist, sub_chunk.data(), static_cast<int>(sub_chunk.length()), &chunks); @@ -803,8 +803,6 @@ TEST(SafeBrowsingProtocolParsingTest, TestAllLists) { add_testdata[safe_browsing_util::kSideEffectFreeWhitelist] = std::string( "a:1818:4:9\n\x85\xd0\xfe""i\x01""}\x98\xb1\xe5", 20); // goog-*-digestvar lists have no host-key data. - add_testdata[safe_browsing_util::kBinHashList] = std::string( - "a:5:4:4\nBBBB", 12); add_testdata[safe_browsing_util::kExtensionBlacklist] = std::string( "a:81:4:8\nhleedfcc", 17); // goog-*-sha256 lists have host-keys but they only contains @@ -833,8 +831,6 @@ TEST(SafeBrowsingProtocolParsingTest, TestAllLists) { sub_testdata[safe_browsing_util::kSideEffectFreeWhitelist] = std::string( "s:4:4:9\nHOST\x00""####", 17); // goog-*-digestvar lists have no host-key data. - sub_testdata[safe_browsing_util::kBinHashList] = std::string( - "s:5:4:8\n####BBBB", 16); sub_testdata[safe_browsing_util::kExtensionBlacklist] = std::string( "s:3:4:8\n\x00\x00\x00""%pgkc", 16); // goog-*-sha256 lists have host-keys but they only contains diff --git a/chrome/browser/safe_browsing/safe_browsing_database.cc b/chrome/browser/safe_browsing/safe_browsing_database.cc index d42be77..8b391fd 100644 --- a/chrome/browser/safe_browsing/safe_browsing_database.cc +++ b/chrome/browser/safe_browsing/safe_browsing_database.cc @@ -264,6 +264,9 @@ void GetChunkRanges(const std::vector<int>& chunks, void UpdateChunkRanges(SafeBrowsingStore* store, const std::vector<std::string>& listnames, std::vector<SBListChunkRanges>* lists) { + if (!store) + return; + DCHECK_GT(listnames.size(), 0U); DCHECK_LE(listnames.size(), 2U); std::vector<int> add_chunks; @@ -291,33 +294,20 @@ void UpdateChunkRanges(SafeBrowsingStore* store, } } -// Helper for deleting chunks left over from obsolete lists. -void DeleteChunksFromStore(SafeBrowsingStore* store, int listid){ - std::vector<int> add_chunks; - size_t adds_deleted = 0; - store->GetAddChunks(&add_chunks); - for (std::vector<int>::const_iterator iter = add_chunks.begin(); - iter != add_chunks.end(); ++iter) { - if (GetListIdBit(*iter) == GetListIdBit(listid)) { - adds_deleted++; - store->DeleteAddChunk(*iter); - } - } - if (adds_deleted > 0) - UMA_HISTOGRAM_COUNTS("SB2.DownloadBinhashAddsDeleted", adds_deleted); +void UpdateChunkRangesForLists(SafeBrowsingStore* store, + const std::string& listname0, + const std::string& listname1, + std::vector<SBListChunkRanges>* lists) { + std::vector<std::string> listnames; + listnames.push_back(listname0); + listnames.push_back(listname1); + UpdateChunkRanges(store, listnames, lists); +} - std::vector<int> sub_chunks; - size_t subs_deleted = 0; - store->GetSubChunks(&sub_chunks); - for (std::vector<int>::const_iterator iter = sub_chunks.begin(); - iter != sub_chunks.end(); ++iter) { - if (GetListIdBit(*iter) == GetListIdBit(listid)) { - subs_deleted++; - store->DeleteSubChunk(*iter); - } - } - if (subs_deleted > 0) - UMA_HISTOGRAM_COUNTS("SB2.DownloadBinhashSubsDeleted", subs_deleted); +void UpdateChunkRangesForList(SafeBrowsingStore* store, + const std::string& listname, + std::vector<SBListChunkRanges>* lists) { + UpdateChunkRanges(store, std::vector<std::string>(1, listname), lists); } // Order |SBAddFullHash| on the prefix part. |SBAddPrefixLess()| from @@ -450,8 +440,7 @@ SafeBrowsingStore* SafeBrowsingDatabaseNew::GetStore(const int list_id) { if (list_id == safe_browsing_util::PHISH || list_id == safe_browsing_util::MALWARE) { return browse_store_.get(); - } else if (list_id == safe_browsing_util::BINURL || - list_id == safe_browsing_util::BINHASH) { + } else if (list_id == safe_browsing_util::BINURL) { return download_store_.get(); } else if (list_id == safe_browsing_util::CSDWHITELIST) { return csd_whitelist_store_.get(); @@ -747,21 +736,6 @@ bool SafeBrowsingDatabaseNew::ContainsDownloadUrl( prefix_hits); } -bool SafeBrowsingDatabaseNew::ContainsDownloadHashPrefix( - const SBPrefix& prefix) { - DCHECK_EQ(creation_loop_, base::MessageLoop::current()); - - // Ignore this check when download store is not available. - if (!download_store_.get()) - return false; - - std::vector<SBPrefix> prefix_hits; - return MatchAddPrefixes(download_store_.get(), - safe_browsing_util::BINHASH % 2, - std::vector<SBPrefix>(1, prefix), - &prefix_hits); -} - bool SafeBrowsingDatabaseNew::ContainsCsdWhitelistedUrl(const GURL& url) { // This method is theoretically thread-safe but we expect all calls to // originate from the IO thread. @@ -1163,75 +1137,32 @@ bool SafeBrowsingDatabaseNew::UpdateStarted( return false; } - std::vector<std::string> browse_listnames; - browse_listnames.push_back(safe_browsing_util::kMalwareList); - browse_listnames.push_back(safe_browsing_util::kPhishingList); - UpdateChunkRanges(browse_store_.get(), browse_listnames, lists); + UpdateChunkRangesForLists(browse_store_.get(), + safe_browsing_util::kMalwareList, + safe_browsing_util::kPhishingList, + lists); - if (download_store_.get()) { - // This store used to contain kBinHashList in addition to - // kBinUrlList. Strip the stale data before generating the chunk - // ranges to request. UpdateChunkRanges() will traverse the chunk - // list, so this is very cheap if there are no kBinHashList chunks. - const int listid = - safe_browsing_util::GetListId(safe_browsing_util::kBinHashList); - DeleteChunksFromStore(download_store_.get(), listid); - - // The above marks the chunks for deletion, but they are not - // actually deleted until the database is rewritten. The - // following code removes the kBinHashList part of the request - // before continuing so that UpdateChunkRanges() doesn't break. - std::vector<std::string> download_listnames; - download_listnames.push_back(safe_browsing_util::kBinUrlList); - download_listnames.push_back(safe_browsing_util::kBinHashList); - UpdateChunkRanges(download_store_.get(), download_listnames, lists); - DCHECK_EQ(lists->back().name, - std::string(safe_browsing_util::kBinHashList)); - lists->pop_back(); - - // TODO(shess): This problem could also be handled in - // BeginUpdate() by detecting the chunks to delete and rewriting - // the database before it's used. When I implemented that, it - // felt brittle, it might be easier to just wait for some future - // format change. - } + // NOTE(shess): |download_store_| used to contain kBinHashList, which has been + // deprecated. Code to delete the list from the store shows ~15k hits/day as + // of Feb 2014, so it has been removed. Everything _should_ be resilient to + // extra data of that sort. + UpdateChunkRangesForList(download_store_.get(), + safe_browsing_util::kBinUrlList, lists); - if (csd_whitelist_store_.get()) { - std::vector<std::string> csd_whitelist_listnames; - csd_whitelist_listnames.push_back(safe_browsing_util::kCsdWhiteList); - UpdateChunkRanges(csd_whitelist_store_.get(), - csd_whitelist_listnames, lists); - } + UpdateChunkRangesForList(csd_whitelist_store_.get(), + safe_browsing_util::kCsdWhiteList, lists); - if (download_whitelist_store_.get()) { - std::vector<std::string> download_whitelist_listnames; - download_whitelist_listnames.push_back( - safe_browsing_util::kDownloadWhiteList); - UpdateChunkRanges(download_whitelist_store_.get(), - download_whitelist_listnames, lists); - } + UpdateChunkRangesForList(download_whitelist_store_.get(), + safe_browsing_util::kDownloadWhiteList, lists); - if (extension_blacklist_store_) { - UpdateChunkRanges( - extension_blacklist_store_.get(), - std::vector<std::string>(1, safe_browsing_util::kExtensionBlacklist), - lists); - } + UpdateChunkRangesForList(extension_blacklist_store_.get(), + safe_browsing_util::kExtensionBlacklist, lists); - if (side_effect_free_whitelist_store_) { - UpdateChunkRanges( - side_effect_free_whitelist_store_.get(), - std::vector<std::string>( - 1, safe_browsing_util::kSideEffectFreeWhitelist), - lists); - } + UpdateChunkRangesForList(side_effect_free_whitelist_store_.get(), + safe_browsing_util::kSideEffectFreeWhitelist, lists); - if (ip_blacklist_store_) { - UpdateChunkRanges( - ip_blacklist_store_.get(), - std::vector<std::string>(1, safe_browsing_util::kIPBlacklist), - lists); - } + UpdateChunkRangesForList(ip_blacklist_store_.get(), + safe_browsing_util::kIPBlacklist, lists); corruption_detected_ = false; change_detected_ = false; diff --git a/chrome/browser/safe_browsing/safe_browsing_database.h b/chrome/browser/safe_browsing/safe_browsing_database.h index 2c5c7c2..9122160 100644 --- a/chrome/browser/safe_browsing/safe_browsing_database.h +++ b/chrome/browser/safe_browsing/safe_browsing_database.h @@ -110,10 +110,6 @@ class SafeBrowsingDatabase { virtual bool ContainsDownloadUrl(const std::vector<GURL>& urls, std::vector<SBPrefix>* prefix_hits) = 0; - // Returns false if |prefix| is not in Download database. - // This function could ONLY be accessed from creation thread. - virtual bool ContainsDownloadHashPrefix(const SBPrefix& prefix) = 0; - // Returns false if |url| is not on the client-side phishing detection // whitelist. Otherwise, this function returns true. Note: the whitelist // only contains full-length hashes so we don't return any prefix hit. @@ -301,7 +297,6 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase { base::Time last_update) OVERRIDE; virtual bool ContainsDownloadUrl(const std::vector<GURL>& urls, std::vector<SBPrefix>* prefix_hits) OVERRIDE; - virtual bool ContainsDownloadHashPrefix(const SBPrefix& prefix) OVERRIDE; virtual bool ContainsCsdWhitelistedUrl(const GURL& url) OVERRIDE; virtual bool ContainsDownloadWhitelistedUrl(const GURL& url) OVERRIDE; virtual bool ContainsDownloadWhitelistedString( diff --git a/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc b/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc index 5eb5b0c..443440b 100644 --- a/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc @@ -438,13 +438,6 @@ TEST_F(SafeBrowsingDatabaseTest, ListNameForBrowseAndDownload) { database_->InsertChunks(safe_browsing_util::kBinUrlList, chunks); chunk.hosts.clear(); - InsertAddChunkHostPrefixUrl(&chunk, 4, "www.forhash.com/", - "www.forhash.com/download.html"); - chunks.clear(); - chunks.push_back(chunk); - database_->InsertChunks(safe_browsing_util::kBinHashList, chunks); - - chunk.hosts.clear(); InsertAddChunkHostFullHashes(&chunk, 5, "www.forwhitelist.com/", "www.forwhitelist.com/a.html"); chunks.clear(); @@ -488,7 +481,6 @@ TEST_F(SafeBrowsingDatabaseTest, ListNameForBrowseAndDownload) { EXPECT_TRUE(lists[2].name == safe_browsing_util::kBinUrlList); EXPECT_EQ(lists[2].adds, "3"); EXPECT_TRUE(lists[2].subs.empty()); - // kBinHashList is ignored. (http://crbug.com/108130) EXPECT_TRUE(lists[3].name == safe_browsing_util::kCsdWhiteList); EXPECT_EQ(lists[3].adds, "5"); EXPECT_TRUE(lists[3].subs.empty()); diff --git a/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc b/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc index 2a6d83f..d232342 100644 --- a/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc @@ -99,16 +99,13 @@ class TestSafeBrowsingDatabase : public SafeBrowsingDatabase { std::vector<SBPrefix>* prefix_hits) OVERRIDE { std::vector<SBFullHashResult> full_hits; bool found = ContainsUrl(safe_browsing_util::kBinUrlList, - safe_browsing_util::kBinHashList, + safe_browsing_util::kBinUrlList, urls, prefix_hits, &full_hits); if (!found) return false; DCHECK_LE(1U, prefix_hits->size()); return true; } - virtual bool ContainsDownloadHashPrefix(const SBPrefix& prefix) OVERRIDE { - return download_digest_prefix_.count(prefix) > 0; - } virtual bool ContainsCsdWhitelistedUrl(const GURL& url) OVERRIDE { return true; } @@ -621,14 +618,6 @@ class TestSBClient content::RunMessageLoop(); // Will stop in OnCheckDownloadUrlResult. } - void CheckDownloadHash(const std::string& full_hash) { - BrowserThread::PostTask( - BrowserThread::IO, FROM_HERE, - base::Bind(&TestSBClient::CheckDownloadHashOnIOThread, - this, full_hash)); - content::RunMessageLoop(); // Will stop in OnCheckDownloadHashResult. - } - private: friend class base::RefCountedThreadSafe<TestSBClient>; virtual ~TestSBClient() {} @@ -638,11 +627,6 @@ class TestSBClient CheckDownloadUrl(url_chain, this); } - void CheckDownloadHashOnIOThread(const std::string& full_hash) { - safe_browsing_service_->database_manager()-> - CheckDownloadHash(full_hash, this); - } - // Called when the result of checking a download URL is known. virtual void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain, SBThreatType threat_type) OVERRIDE { @@ -651,14 +635,6 @@ class TestSBClient base::Bind(&TestSBClient::DownloadCheckDone, this)); } - // Called when the result of checking a download hash is known. - virtual void OnCheckDownloadHashResult(const std::string& hash, - SBThreatType threat_type) OVERRIDE { - threat_type_ = threat_type; - BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, - base::Bind(&TestSBClient::DownloadCheckDone, this)); - } - void DownloadCheckDone() { base::MessageLoopForUI::current()->Quit(); } @@ -722,27 +698,6 @@ IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadUrlRedirects) { EXPECT_EQ(SB_THREAT_TYPE_BINARY_MALWARE_URL, client->GetThreatType()); } -IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadHash) { - const std::string full_hash = "12345678902234567890323456789012"; - - scoped_refptr<TestSBClient> client(new TestSBClient); - client->CheckDownloadHash(full_hash); - - // Since badbin_url is not in database, it is considered to be safe. - EXPECT_EQ(SB_THREAT_TYPE_SAFE, client->GetThreatType()); - - SBFullHashResult full_hash_result; - int chunk_id = 0; - GenDigestFullhashResult(full_hash, safe_browsing_util::kBinHashList, - chunk_id, &full_hash_result); - SetupResponseForDigest(full_hash, full_hash_result); - - client->CheckDownloadHash(full_hash); - - // Now, the badbin_url is not safe since it is added to download database. - EXPECT_EQ(SB_THREAT_TYPE_BINARY_MALWARE_HASH, client->GetThreatType()); -} - IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadUrlTimedOut) { GURL badbin_url = test_server()->GetURL(kMalwareFile); std::vector<GURL> badbin_urls(1, badbin_url); @@ -775,37 +730,6 @@ IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadUrlTimedOut) { SetCheckTimeout(sb_service, default_urlcheck_timeout); } -IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, CheckDownloadHashTimedOut) { - const std::string full_hash = "12345678902234567890323456789012"; - - scoped_refptr<TestSBClient> client(new TestSBClient); - SBFullHashResult full_hash_result; - int chunk_id = 0; - GenDigestFullhashResult(full_hash, safe_browsing_util::kBinHashList, - chunk_id, &full_hash_result); - SetupResponseForDigest(full_hash, full_hash_result); - client->CheckDownloadHash(full_hash); - - // The badbin_url is not safe since it is added to download database. - EXPECT_EQ(SB_THREAT_TYPE_BINARY_MALWARE_HASH, client->GetThreatType()); - - // - // Now introducing delays and we should hit timeout. - // - SafeBrowsingService* sb_service = g_browser_process->safe_browsing_service(); - base::TimeDelta default_hashcheck_timeout = - GetCheckTimeout(sb_service); - IntroduceGetHashDelay(base::TimeDelta::FromSeconds(1)); - SetCheckTimeout(sb_service, base::TimeDelta::FromMilliseconds(1)); - client->CheckDownloadHash(full_hash); - - // There should be a timeout and the hash would be considered as safe. - EXPECT_EQ(SB_THREAT_TYPE_SAFE, client->GetThreatType()); - - // Need to set the timeout back to the default value. - SetCheckTimeout(sb_service, default_hashcheck_timeout); -} - IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, StartAndStop) { CreateCSDService(); SafeBrowsingService* sb_service = g_browser_process->safe_browsing_service(); diff --git a/chrome/browser/safe_browsing/safe_browsing_util.cc b/chrome/browser/safe_browsing/safe_browsing_util.cc index aff62a0..ff34605 100644 --- a/chrome/browser/safe_browsing/safe_browsing_util.cc +++ b/chrome/browser/safe_browsing/safe_browsing_util.cc @@ -169,23 +169,18 @@ namespace safe_browsing_util { const char kMalwareList[] = "goog-malware-shavar"; const char kPhishingList[] = "goog-phish-shavar"; const char kBinUrlList[] = "goog-badbinurl-shavar"; -// We don't use the bad binary digest list anymore. Use a fake listname to be -// sure we don't request it accidentally. -const char kBinHashList[] = "goog-badbin-digestvar-disabled"; const char kCsdWhiteList[] = "goog-csdwhite-sha256"; const char kDownloadWhiteList[] = "goog-downloadwhite-digest256"; const char kExtensionBlacklist[] = "goog-badcrxids-digestvar"; const char kSideEffectFreeWhitelist[] = "goog-sideeffectfree-shavar"; const char kIPBlacklist[] = "goog-badip-digest256"; -const char* kAllLists[10] = { +const char* kAllLists[8] = { kMalwareList, kPhishingList, kBinUrlList, - kBinHashList, kCsdWhiteList, kDownloadWhiteList, - kDownloadWhiteList, kExtensionBlacklist, kSideEffectFreeWhitelist, kIPBlacklist, @@ -199,8 +194,6 @@ ListType GetListId(const std::string& name) { id = PHISH; } else if (name == safe_browsing_util::kBinUrlList) { id = BINURL; - } else if (name == safe_browsing_util::kBinHashList) { - id = BINHASH; } else if (name == safe_browsing_util::kCsdWhiteList) { id = CSDWHITELIST; } else if (name == safe_browsing_util::kDownloadWhiteList) { @@ -228,9 +221,6 @@ bool GetListName(ListType list_id, std::string* list) { case BINURL: *list = safe_browsing_util::kBinUrlList; break; - case BINHASH: - *list = safe_browsing_util::kBinHashList; - break; case CSDWHITELIST: *list = safe_browsing_util::kCsdWhiteList; break; @@ -511,10 +501,6 @@ bool IsBadbinurlList(const std::string& list_name) { return list_name.compare(kBinUrlList) == 0; } -bool IsBadbinhashList(const std::string& list_name) { - return list_name.compare(kBinHashList) == 0; -} - bool IsExtensionList(const std::string& list_name) { return list_name.compare(kExtensionBlacklist) == 0; } diff --git a/chrome/browser/safe_browsing/safe_browsing_util.h b/chrome/browser/safe_browsing/safe_browsing_util.h index f9a12d7..4717240 100644 --- a/chrome/browser/safe_browsing/safe_browsing_util.h +++ b/chrome/browser/safe_browsing/safe_browsing_util.h @@ -142,9 +142,6 @@ enum SBThreatType { // The download URL is malware. SB_THREAT_TYPE_BINARY_MALWARE_URL, - // The hash of the download contents is malware. - SB_THREAT_TYPE_BINARY_MALWARE_HASH, - // Url detected by the client-side phishing model. Note that unlike the // above values, this does not correspond to a downloaded list. SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL, @@ -288,9 +285,8 @@ namespace safe_browsing_util { // SafeBrowsing list names. extern const char kMalwareList[]; extern const char kPhishingList[]; -// Binary Download list names. +// Binary Download list name. extern const char kBinUrlList[]; -extern const char kBinHashList[]; // SafeBrowsing client-side detection whitelist list name. extern const char kCsdWhiteList[]; // SafeBrowsing download whitelist list name. @@ -303,14 +299,14 @@ extern const char kSideEffectFreeWhitelist[]; extern const char kIPBlacklist[]; // This array must contain all Safe Browsing lists. -extern const char* kAllLists[10]; +extern const char* kAllLists[8]; enum ListType { INVALID = -1, MALWARE = 0, PHISH = 1, BINURL = 2, - BINHASH = 3, + // Obsolete BINHASH = 3, CSDWHITELIST = 4, // SafeBrowsing lists are stored in pairs. Keep ListType 5 // available for a potential second list that we would store in the @@ -360,7 +356,6 @@ int GetUrlHashIndex(const GURL& url, bool IsPhishingList(const std::string& list_name); bool IsMalwareList(const std::string& list_name); bool IsBadbinurlList(const std::string& list_name); -bool IsBadbinhashList(const std::string& list_name); bool IsExtensionList(const std::string& list_name); GURL GeneratePhishingReportUrl(const std::string& report_page, diff --git a/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc b/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc index 20b033b..f0763fe 100644 --- a/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc @@ -316,13 +316,6 @@ TEST(SafeBrowsingUtilTest, ListIdListNameConversion) { EXPECT_EQ(list_name, std::string(safe_browsing_util::kBinUrlList)); EXPECT_EQ(safe_browsing_util::BINURL, safe_browsing_util::GetListId(list_name)); - - - EXPECT_TRUE(safe_browsing_util::GetListName(safe_browsing_util::BINHASH, - &list_name)); - EXPECT_EQ(list_name, std::string(safe_browsing_util::kBinHashList)); - EXPECT_EQ(safe_browsing_util::BINHASH, - safe_browsing_util::GetListId(list_name)); } // Since the ids are saved in file, we need to make sure they don't change. @@ -332,7 +325,6 @@ TEST(SafeBrowsingUtilTest, ListIdVerification) { EXPECT_EQ(0, safe_browsing_util::MALWARE % 2); EXPECT_EQ(1, safe_browsing_util::PHISH % 2); EXPECT_EQ(0, safe_browsing_util::BINURL %2); - EXPECT_EQ(1, safe_browsing_util::BINHASH % 2); } TEST(SafeBrowsingUtilTest, StringToSBFullHashAndSBFullHashToString) { |