diff options
author | asargent <asargent@chromium.org> | 2014-09-26 14:15:25 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2014-09-26 21:15:46 +0000 |
commit | 49264e03b28ad3813382bef032839eddf893fa7e (patch) | |
tree | 6894d1f42c019d9d802217d790e96592f24b33b1 /extensions/browser/content_hash_reader.cc | |
parent | aaaae22e5c7a31658ecb7a562d4d6562d54fe2e7 (diff) | |
download | chromium_src-49264e03b28ad3813382bef032839eddf893fa7e.zip chromium_src-49264e03b28ad3813382bef032839eddf893fa7e.tar.gz chromium_src-49264e03b28ad3813382bef032839eddf893fa7e.tar.bz2 |
Fix case-sensitivity problems in extension content verification
On case-insensitive filesystems, extensions can generate requests
(script src tags, XHR's, etc.) to their own resources using a
relative path with incorrect case and have those requests
work (see crbug.com/29941 for some history). However, for
extension content verification, we were looking up the expected
file content hashes using the relative path given in the request,
not the actual filename, which meant that any difference in case
would be treated as "no hashes for this file".
This patch switches to using case-insensitive lookups, but uses a
multimap so that case-sensitive filesystems should not experience
problems.
BUG=412693
TEST=Install the test extension at http://goo.gl/rOpGDu, and turn
on content verification to Enforce mode in about:flags. Without
this patch, the extension will get force disabled on
windows/mac. With the patch, this should be fixed.
Review URL: https://codereview.chromium.org/585583003
Cr-Commit-Position: refs/heads/master@{#297032}
Diffstat (limited to 'extensions/browser/content_hash_reader.cc')
-rw-r--r-- | extensions/browser/content_hash_reader.cc | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/extensions/browser/content_hash_reader.cc b/extensions/browser/content_hash_reader.cc index 76fb3e2..76c7e60 100644 --- a/extensions/browser/content_hash_reader.cc +++ b/extensions/browser/content_hash_reader.cc @@ -85,14 +85,9 @@ bool ContentHashReader::Init() { block_size_ % crypto::kSHA256Length != 0) return false; - const std::string* expected_root = - verified_contents_->GetTreeHashRoot(relative_path_); - if (!expected_root) - return false; - std::string root = ComputeTreeHashRoot(hashes_, block_size_ / crypto::kSHA256Length); - if (*expected_root != root) + if (!verified_contents_->TreeHashRootEquals(relative_path_, root)) return false; status_ = SUCCESS; |