summaryrefslogtreecommitdiffstats
path: root/components/safe_browsing_db
diff options
context:
space:
mode:
authorproberge <proberge@chromium.org>2016-02-17 10:40:20 -0800
committerCommit bot <commit-bot@chromium.org>2016-02-17 18:41:29 +0000
commita933956f59c648142b325d431a9d21f167e0d596 (patch)
treee6b73097356e3ad86b343a096aa8c8844251081a /components/safe_browsing_db
parent5cabd4e97172d9e015e1e504fa0712c4878bc8c1 (diff)
downloadchromium_src-a933956f59c648142b325d431a9d21f167e0d596.zip
chromium_src-a933956f59c648142b325d431a9d21f167e0d596.tar.gz
chromium_src-a933956f59c648142b325d431a9d21f167e0d596.tar.bz2
Add support for a module whitelist (goog-whitemodule-digest256) to the safe browsing db
BUG=585123 Review URL: https://codereview.chromium.org/1638223003 Cr-Commit-Position: refs/heads/master@{#375925}
Diffstat (limited to 'components/safe_browsing_db')
-rw-r--r--components/safe_browsing_db/database_manager.h6
-rw-r--r--components/safe_browsing_db/remote_database_manager.cc6
-rw-r--r--components/safe_browsing_db/remote_database_manager.h1
-rw-r--r--components/safe_browsing_db/test_database_manager.cc6
-rw-r--r--components/safe_browsing_db/test_database_manager.h1
-rw-r--r--components/safe_browsing_db/util.cc20
-rw-r--r--components/safe_browsing_db/util.h8
7 files changed, 35 insertions, 13 deletions
diff --git a/components/safe_browsing_db/database_manager.h b/components/safe_browsing_db/database_manager.h
index 4924cac..8167b3a 100644
--- a/components/safe_browsing_db/database_manager.h
+++ b/components/safe_browsing_db/database_manager.h
@@ -118,6 +118,12 @@ class SafeBrowsingDatabaseManager
// error occurs. This method must be called on the IO thread.
virtual bool MatchInclusionWhitelistUrl(const GURL& url) = 0;
+ // Check if |str|, a lowercase DLL file name, matches any of the full-length
+ // hashes from the module whitelist. Returns true if there was a match and
+ // false otherwise. To make sure we are conservative we will return true if
+ // an error occurs. This method must be called on the IO thread.
+ virtual bool MatchModuleWhitelistString(const std::string& str) = 0;
+
// Check if the CSD malware IP matching kill switch is turned on.
virtual bool IsMalwareKillSwitchOn() = 0;
diff --git a/components/safe_browsing_db/remote_database_manager.cc b/components/safe_browsing_db/remote_database_manager.cc
index 24e7167..8b1c480 100644
--- a/components/safe_browsing_db/remote_database_manager.cc
+++ b/components/safe_browsing_db/remote_database_manager.cc
@@ -207,6 +207,12 @@ bool RemoteSafeBrowsingDatabaseManager::MatchInclusionWhitelistUrl(
return true;
}
+bool RemoteSafeBrowsingDatabaseManager::MatchModuleWhitelistString(
+ const std::string& str) {
+ NOTREACHED();
+ return true;
+}
+
bool RemoteSafeBrowsingDatabaseManager::IsMalwareKillSwitchOn() {
NOTREACHED();
return true;
diff --git a/components/safe_browsing_db/remote_database_manager.h b/components/safe_browsing_db/remote_database_manager.h
index 0234285..89c71f5 100644
--- a/components/safe_browsing_db/remote_database_manager.h
+++ b/components/safe_browsing_db/remote_database_manager.h
@@ -54,6 +54,7 @@ class RemoteSafeBrowsingDatabaseManager : public SafeBrowsingDatabaseManager {
bool MatchDownloadWhitelistUrl(const GURL& url) override;
bool MatchDownloadWhitelistString(const std::string& str) override;
bool MatchInclusionWhitelistUrl(const GURL& url) override;
+ bool MatchModuleWhitelistString(const std::string& str) override;
bool IsMalwareKillSwitchOn() override;
bool IsCsdWhitelistKillSwitchOn() override;
diff --git a/components/safe_browsing_db/test_database_manager.cc b/components/safe_browsing_db/test_database_manager.cc
index 53f3316..454c358 100644
--- a/components/safe_browsing_db/test_database_manager.cc
+++ b/components/safe_browsing_db/test_database_manager.cc
@@ -93,6 +93,12 @@ bool TestSafeBrowsingDatabaseManager::MatchInclusionWhitelistUrl(
return true;
}
+bool TestSafeBrowsingDatabaseManager::MatchModuleWhitelistString(
+ const std::string& str) {
+ NOTIMPLEMENTED();
+ return true;
+}
+
bool TestSafeBrowsingDatabaseManager::IsMalwareKillSwitchOn() {
NOTIMPLEMENTED();
return false;
diff --git a/components/safe_browsing_db/test_database_manager.h b/components/safe_browsing_db/test_database_manager.h
index 66de565..aa25c51 100644
--- a/components/safe_browsing_db/test_database_manager.h
+++ b/components/safe_browsing_db/test_database_manager.h
@@ -36,6 +36,7 @@ class TestSafeBrowsingDatabaseManager
bool MatchDownloadWhitelistUrl(const GURL& url) override;
bool MatchDownloadWhitelistString(const std::string& str) override;
bool MatchInclusionWhitelistUrl(const GURL& url) override;
+ bool MatchModuleWhitelistString(const std::string& str) override;
bool IsMalwareKillSwitchOn() override;
bool IsCsdWhitelistKillSwitchOn() override;
void CancelCheck(Client* client) override;
diff --git a/components/safe_browsing_db/util.cc b/components/safe_browsing_db/util.cc
index 3129e7e..7289a0f 100644
--- a/components/safe_browsing_db/util.cc
+++ b/components/safe_browsing_db/util.cc
@@ -52,17 +52,12 @@ const char kExtensionBlacklist[] = "goog-badcrxids-digestvar";
const char kIPBlacklist[] = "goog-badip-digest256";
const char kUnwantedUrlList[] = "goog-unwanted-shavar";
const char kInclusionWhitelist[] = "goog-csdinclusionwhite-sha256";
+const char kModuleWhitelist[] = "goog-whitemodule-digest256";
-const char* kAllLists[9] = {
- kMalwareList,
- kPhishingList,
- kBinUrlList,
- kCsdWhiteList,
- kDownloadWhiteList,
- kExtensionBlacklist,
- kIPBlacklist,
- kUnwantedUrlList,
- kInclusionWhitelist,
+const char* kAllLists[10] = {
+ kMalwareList, kPhishingList, kBinUrlList, kCsdWhiteList,
+ kDownloadWhiteList, kExtensionBlacklist, kIPBlacklist, kUnwantedUrlList,
+ kInclusionWhitelist, kModuleWhitelist,
};
ListType GetListId(const base::StringPiece& name) {
@@ -85,6 +80,8 @@ ListType GetListId(const base::StringPiece& name) {
id = UNWANTEDURL;
} else if (name == kInclusionWhitelist) {
id = INCLUSIONWHITELIST;
+ } else if (name == kModuleWhitelist) {
+ id = MODULEWHITELIST;
} else {
id = INVALID;
}
@@ -120,6 +117,9 @@ bool GetListName(ListType list_id, std::string* list) {
case INCLUSIONWHITELIST:
*list = kInclusionWhitelist;
break;
+ case MODULEWHITELIST:
+ *list = kModuleWhitelist;
+ break;
default:
return false;
}
diff --git a/components/safe_browsing_db/util.h b/components/safe_browsing_db/util.h
index 2e6feb9..d350e10 100644
--- a/components/safe_browsing_db/util.h
+++ b/components/safe_browsing_db/util.h
@@ -100,9 +100,10 @@ extern const char kIPBlacklist[];
extern const char kUnwantedUrlList[];
// SafeBrowsing off-domain inclusion whitelist list name.
extern const char kInclusionWhitelist[];
+// SafeBrowsing module whitelist list name.
+extern const char kModuleWhitelist[];
// This array must contain all Safe Browsing lists.
-extern const char* kAllLists[9];
-
+extern const char* kAllLists[10];
enum ListType {
INVALID = -1,
@@ -126,9 +127,10 @@ enum ListType {
// See above comment. Leave 15 available.
INCLUSIONWHITELIST = 16,
// See above comment. Leave 17 available.
+ MODULEWHITELIST = 18,
+ // See above comment. Leave 19 available.
};
-
inline bool SBFullHashEqual(const SBFullHash& a, const SBFullHash& b) {
return !memcmp(a.full_hash, b.full_hash, sizeof(a.full_hash));
}
generated by cgit v1.1 at 2025-02-19 10:33:51 +0000