diff options
| -rw-r--r-- | chrome/browser/dom_ui/plugins_ui.cc | 14 | ||||
| -rw-r--r-- | chrome/browser/plugin_service.cc | 2 | ||||
| -rw-r--r-- | chrome/browser/plugin_updater.cc | 389 | ||||
| -rw-r--r-- | chrome/browser/plugin_updater.h | 136 | ||||
| -rw-r--r-- | chrome/chrome_common.gypi | 2 | ||||
| -rw-r--r-- | chrome/chrome_tests.gypi | 2 | ||||
| -rw-r--r-- | chrome/common/plugin_group.cc | 295 | ||||
| -rw-r--r-- | chrome/common/plugin_group.h | 115 | ||||
| -rw-r--r-- | chrome/common/plugin_group_unittest.cc (renamed from chrome/browser/plugin_updater_unittest.cc) | 23 |
9 files changed, 485 insertions, 493 deletions
diff --git a/chrome/browser/dom_ui/plugins_ui.cc b/chrome/browser/dom_ui/plugins_ui.cc index 00e8a31..25cec21 100644 --- a/chrome/browser/dom_ui/plugins_ui.cc +++ b/chrome/browser/dom_ui/plugins_ui.cc @@ -167,7 +167,7 @@ void PluginsDOMHandler::HandleRequestPluginsData(const Value* value) { DictionaryValue* results = new DictionaryValue(); // Grouped plugins. - results->Set(L"plugins", PluginUpdater::GetInstance()->GetPluginGroupsData()); + results->Set(L"plugins", plugin_updater::GetPluginGroupsData()); dom_ui_->CallJavascriptFunction(L"returnPluginsData", *results); } @@ -184,8 +184,7 @@ void PluginsDOMHandler::HandleEnablePluginMessage(const Value* value) { std::string enable_str; std::string is_group_str; - if (!list->GetString(1, &enable_str) || - !list->GetString(2, &is_group_str)) + if (!list->GetString(1, &enable_str) || !list->GetString(2, &is_group_str)) return; if (is_group_str == "true") { @@ -193,21 +192,20 @@ void PluginsDOMHandler::HandleEnablePluginMessage(const Value* value) { if (!list->GetString(0, &group_name)) return; - PluginUpdater::GetInstance()->EnablePluginGroup(enable_str == "true", - WideToUTF16(group_name)); + plugin_updater::EnablePluginGroup(enable_str == "true", + WideToUTF16(group_name)); } else { FilePath::StringType file_path; if (!list->GetString(0, &file_path)) return; - PluginUpdater::GetInstance()->EnablePluginFile(enable_str == "true", - file_path); + plugin_updater::EnablePluginFile(enable_str == "true", file_path); } // TODO(viettrungluu): We might also want to ensure that the plugins // list is always written to prefs even when the user hasn't disabled a // plugin. <http://crbug.com/39101> - PluginUpdater::GetInstance()->UpdatePreferences(dom_ui_->GetProfile()); + plugin_updater::UpdatePreferences(dom_ui_->GetProfile()); } void PluginsDOMHandler::HandleShowTermsOfServiceMessage(const Value* value) { diff --git a/chrome/browser/plugin_service.cc b/chrome/browser/plugin_service.cc index de8cc30..5d92a06 100644 --- a/chrome/browser/plugin_service.cc +++ b/chrome/browser/plugin_service.cc @@ -60,7 +60,7 @@ void PluginService::InitGlobalInstance(Profile* profile) { DCHECK(ChromeThread::CurrentlyOn(ChromeThread::UI)); // We first group the plugins and then figure out which groups to disable. - PluginUpdater::GetInstance()->DisablePluginGroupsFromPrefs(profile); + plugin_updater::DisablePluginGroupsFromPrefs(profile); // Have Chrome plugins write their data to the profile directory. GetInstance()->SetChromePluginDataDir(profile->GetPath()); diff --git a/chrome/browser/plugin_updater.cc b/chrome/browser/plugin_updater.cc index 53f7f54..288de87 100644 --- a/chrome/browser/plugin_updater.cc +++ b/chrome/browser/plugin_updater.cc @@ -9,294 +9,19 @@ #include "base/path_service.h" #include "base/scoped_ptr.h" -#include "base/string_util.h" #include "base/values.h" -#include "base/version.h" -#include "base/utf_string_conversions.h" #include "chrome/browser/pref_service.h" -#include "chrome/common/chrome_paths.h" #include "chrome/browser/profile.h" +#include "chrome/common/chrome_paths.h" +#include "chrome/common/plugin_group.h" #include "chrome/common/pref_names.h" #include "webkit/glue/plugins/plugin_list.h" #include "webkit/glue/plugins/webplugininfo.h" -/*private*/ -PluginGroup::PluginGroup(const string16& group_name, - const string16& name_matcher, - const std::string& version_range_low, - const std::string& version_range_high, - const std::string& min_version, - const std::string& update_url) { - group_name_ = group_name; - name_matcher_ = name_matcher; - version_range_low_str_ = version_range_low; - if (!version_range_low.empty()) { - version_range_low_.reset( - Version::GetVersionFromString(version_range_low)); - } - version_range_high_str_ = version_range_high; - if (!version_range_high.empty()) { - version_range_high_.reset( - Version::GetVersionFromString(version_range_high)); - } - min_version_str_ = min_version; - if (!min_version.empty()) { - min_version_.reset(Version::GetVersionFromString(min_version)); - } - update_url_ = update_url; - enabled_ = false; - max_version_.reset(Version::GetVersionFromString("0")); -} - -PluginGroup* PluginGroup::FromPluginGroupDefinition( - const PluginGroupDefinition& definition) { - return new PluginGroup(ASCIIToUTF16(definition.name), - ASCIIToUTF16(definition.name_matcher), - definition.version_matcher_low, - definition.version_matcher_high, - definition.min_version, - definition.update_url); -} - -PluginGroup* PluginGroup::FromWebPluginInfo(const WebPluginInfo& wpi) { - // Create a matcher from the name of this plugin. - return new PluginGroup(wpi.name, wpi.name, - "", "", "", ""); -} - -PluginGroup* PluginGroup::Copy() { - return new PluginGroup(group_name_, name_matcher_, version_range_low_str_, - version_range_high_str_, min_version_str_, - update_url_); -} - -const string16 PluginGroup::GetGroupName() const { - return group_name_; -} - -bool PluginGroup::Match(const WebPluginInfo& plugin) const { - if (name_matcher_.empty()) { - return false; - } - - // Look for the name matcher anywhere in the plugin name. - if (plugin.name.find(name_matcher_) == string16::npos) { - return false; - } - - if (version_range_low_.get() == NULL || - version_range_high_.get() == NULL) { - return true; - } - - // There's a version range, we must be in it. - scoped_ptr<Version> plugin_version( - Version::GetVersionFromString(UTF16ToWide(plugin.version))); - if (plugin_version.get() == NULL) { - // No version could be extracted, assume we don't match the range. - return false; - } - - // We match if we are in the range: [low, high) - return (version_range_low_->CompareTo(*plugin_version) <= 0 && - version_range_high_->CompareTo(*plugin_version) > 0); -} - -void PluginGroup::AddPlugin(const WebPluginInfo& plugin, int position) { - web_plugin_infos_.push_back(plugin); - // The position of this plugin relative to the global list of plugins. - web_plugin_positions_.push_back(position); - description_ = plugin.desc; - - // A group is enabled if any of the files are enabled. - if (plugin.enabled) { - enabled_ = true; - } - - // update max_version_. Remove spaces and ')' from the version string, - // Replace any instances of 'r', ',' or '(' with a dot. - std::wstring version = UTF16ToWide(plugin.version); - RemoveChars(version, L") ", &version); - std::replace(version.begin(), version.end(), 'r', '.'); - std::replace(version.begin(), version.end(), ',', '.'); - std::replace(version.begin(), version.end(), '(', '.'); - - scoped_ptr<Version> plugin_version( - Version::GetVersionFromString(version)); - if (plugin_version.get() != NULL) { - if (plugin_version->CompareTo(*(max_version_)) > 0) { - max_version_.reset(plugin_version.release()); - } - } -} - -DictionaryValue* PluginGroup::GetSummary() const { - DictionaryValue* result = new DictionaryValue(); - result->SetStringFromUTF16(L"name", group_name_); - result->SetBoolean(L"enabled", enabled_); - return result; -} - -DictionaryValue* PluginGroup::GetData() const { - DictionaryValue* result = new DictionaryValue(); - result->SetStringFromUTF16(L"name", group_name_); - result->SetStringFromUTF16(L"description", description_); - result->SetString(L"version", max_version_->GetString()); - result->SetString(L"update_url", update_url_); - result->SetBoolean(L"critical", IsVulnerable()); - result->SetBoolean(L"enabled", enabled_); - - ListValue* plugin_files = new ListValue(); - for (size_t i = 0; i < web_plugin_infos_.size(); ++i) { - const WebPluginInfo& web_plugin = web_plugin_infos_[i]; - int priority = web_plugin_positions_[i]; - DictionaryValue* plugin_file = new DictionaryValue(); - plugin_file->SetStringFromUTF16(L"name", web_plugin.name); - plugin_file->SetStringFromUTF16(L"description", web_plugin.desc); - plugin_file->SetString(L"path", web_plugin.path.value()); - plugin_file->SetStringFromUTF16(L"version", web_plugin.version); - plugin_file->SetBoolean(L"enabled", web_plugin.enabled); - plugin_file->SetInteger(L"priority", priority); - - ListValue* mime_types = new ListValue(); - for (std::vector<WebPluginMimeType>::const_iterator type_it = - web_plugin.mime_types.begin(); - type_it != web_plugin.mime_types.end(); - ++type_it) { - DictionaryValue* mime_type = new DictionaryValue(); - mime_type->SetString(L"mimeType", type_it->mime_type); - mime_type->SetStringFromUTF16(L"description", type_it->description); - - ListValue* file_extensions = new ListValue(); - for (std::vector<std::string>::const_iterator ext_it = - type_it->file_extensions.begin(); - ext_it != type_it->file_extensions.end(); - ++ext_it) { - file_extensions->Append(new StringValue(*ext_it)); - } - mime_type->Set(L"fileExtensions", file_extensions); - - mime_types->Append(mime_type); - } - plugin_file->Set(L"mimeTypes", mime_types); - - plugin_files->Append(plugin_file); - } - result->Set(L"plugin_files", plugin_files); - - return result; -} - -// Returns true if the latest version of this plugin group is vulnerable. -bool PluginGroup::IsVulnerable() const { - if (min_version_.get() == NULL || max_version_->GetString() == "0") { - return false; - } - return max_version_->CompareTo(*min_version_) < 0; -} - -void PluginGroup::Enable(bool enable) { - for (std::vector<WebPluginInfo>::const_iterator it = - web_plugin_infos_.begin(); - it != web_plugin_infos_.end(); ++it) { - if (enable) { - NPAPI::PluginList::Singleton()->EnablePlugin( - FilePath(it->path)); - } else { - NPAPI::PluginList::Singleton()->DisablePlugin( - FilePath(it->path)); - } - } -} - -#if defined(OS_MACOSX) -// Plugin Groups for Mac. -// Plugins are listed here as soon as vulnerabilities and solutions -// (new versions) are published. -// TODO(panayiotis): Track Java as soon as it's supported on Chrome Mac. -// TODO(panayiotis): Get the Real Player version on Mac, somehow. -static const PluginGroupDefinition kGroupDefinitions[] = { - { "Quicktime", "QuickTime Plug-in", "", "", "7.6.6", - "http://www.apple.com/quicktime/download/" }, - { "Flash", "Shockwave Flash", "", "", "10.0.45", - "http://get.adobe.com/flashplayer/" }, - { "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", - "http://go.microsoft.com/fwlink/?LinkID=185927" }, - { "Silverlight 4", "Silverlight", "4", "5", "", - "http://go.microsoft.com/fwlink/?LinkID=185927" }, - { "Flip4Mac", "Flip4Mac", "", "", "2.2.1", - "http://www.telestream.net/flip4mac-wmv/overview.htm" }, - { "Shockwave", "Shockwave for Director", "", "", "11.5.7.609", - "http://www.adobe.com/shockwave/download/" } -}; - -#elif defined(OS_WIN) -// TODO(panayiotis): We should group "RealJukebox NS Plugin" with the rest of -// the RealPlayer files. -static const PluginGroupDefinition kGroupDefinitions[] = { - { "Quicktime", "QuickTime Plug-in", "", "", "7.6.6", - "http://www.apple.com/quicktime/download/" }, - { "Java 6", "Java", "", "6", "6.0.200", - "http://www.java.com/" }, - { "Adobe Reader 9", "Adobe Acrobat", "9", "10", "9.3.2", - "http://get.adobe.com/reader/" }, - { "Adobe Reader 8", "Adobe Acrobat", "0", "9", "8.2.2", - "http://get.adobe.com/reader/" }, - { "Flash", "Shockwave Flash", "", "", "10.0.45", - "http://get.adobe.com/flashplayer/" }, - { "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", - "http://go.microsoft.com/fwlink/?LinkID=185927" }, - { "Silverlight 4", "Silverlight", "4", "5", "", - "http://go.microsoft.com/fwlink/?LinkID=185927" }, - { "Shockwave", "Shockwave for Director", "", "", "11.5.7.609", - "http://www.adobe.com/shockwave/download/" }, - { "DivX Player", "DivX Web Player", "", "", "1.4.3.4", - "http://download.divx.com/divx/autoupdate/player/DivXWebPlayerInstaller.exe" }, - // These are here for grouping, no vulnerabilies known. - { "Windows Media Player", "Windows Media Player", "", "", "", "" }, - { "Microsoft Office", "Microsoft Office", "", "", "", "" }, - // TODO(panayiotis): The vulnerable versions are - // (v >= 6.0.12.1040 && v <= 6.0.12.1663) - // || v == 6.0.12.1698 || v == 6.0.12.1741 - { "RealPlayer", "RealPlayer", "", "", "", - "http://www.adobe.com/shockwave/download/" }, -}; - -#else -static const PluginGroupDefinition kGroupDefinitions[] = {}; -#endif - -/*static*/ -const PluginGroupDefinition* PluginUpdater::GetPluginGroupDefinitions() { - return kGroupDefinitions; -} - -/*static*/ -const size_t PluginUpdater::GetPluginGroupDefinitionsSize() { - // TODO(viettrungluu): |arraysize()| doesn't work with zero-size arrays. - return ARRAYSIZE_UNSAFE(kGroupDefinitions); -} - -// static -PluginUpdater* PluginUpdater::GetInstance() { - return Singleton<PluginUpdater>::get(); -} - -PluginUpdater::PluginUpdater() { - const PluginGroupDefinition* definitions = GetPluginGroupDefinitions(); - for (size_t i = 0; i < GetPluginGroupDefinitionsSize(); ++i) { - PluginGroup* definition_group = PluginGroup::FromPluginGroupDefinition( - definitions[i]); - plugin_group_definitions_.push_back(linked_ptr<PluginGroup>( - definition_group)); - } -} - -PluginUpdater::~PluginUpdater() { -} +namespace plugin_updater { // Convert to a List of Groups -void PluginUpdater::GetPluginGroups( +static void GetPluginGroups( std::vector<linked_ptr<PluginGroup> >* plugin_groups) { // Read all plugins and convert them to plugin groups std::vector<WebPluginInfo> web_plugins; @@ -306,61 +31,27 @@ void PluginUpdater::GetPluginGroups( // and only create a new group if we can't find any. for (size_t i = 0; i < web_plugins.size(); ++i) { const WebPluginInfo& web_plugin = web_plugins[i]; - bool found = false; - for (std::vector<linked_ptr<PluginGroup> >::iterator existing_it = - plugin_groups->begin(); - existing_it != plugin_groups->end(); - ++existing_it) { - if ((*existing_it)->Match(web_plugin)) { - (*existing_it)->AddPlugin(web_plugin, i); - found = true; - break; - } - } - - if (!found) { - // See if this plugin matches any of the hardcoded groups. - for (std::vector<linked_ptr<PluginGroup> >::iterator defs_it = - plugin_group_definitions_.begin(); - defs_it != plugin_group_definitions_.end(); - ++defs_it) { - if ((*defs_it)->Match(web_plugin)) { - // Make a copy, otherwise we'd be modifying plugin_group_defs_ every - // time this method is called. - PluginGroup* copy = (*defs_it)->Copy(); - copy->AddPlugin(web_plugin, i); - plugin_groups->push_back(linked_ptr<PluginGroup>(copy)); - found = true; - break; - } - } - } - - // Not found in our hardcoded list, create a new one. - if (!found) { - PluginGroup* plugin_group = PluginGroup::FromWebPluginInfo(web_plugin); - plugin_group->AddPlugin(web_plugin, i); - plugin_groups->push_back(linked_ptr<PluginGroup>(plugin_group)); + PluginGroup* group = PluginGroup::FindGroupMatchingPlugin( + *plugin_groups, web_plugin); + if (!group) { + group = PluginGroup::FindHardcodedPluginGroup(web_plugin); + plugin_groups->push_back(linked_ptr<PluginGroup>(group)); } + group->AddPlugin(web_plugin, i); } } -ListValue* PluginUpdater::GetPluginGroupsData() { - std::vector<linked_ptr<PluginGroup> > plugin_groups; - GetPluginGroups(&plugin_groups); - - // Construct DictionaryValues to return to the UI - ListValue* plugin_groups_data = new ListValue(); - for (std::vector<linked_ptr<PluginGroup> >::iterator it = - plugin_groups.begin(); - it != plugin_groups.end(); - ++it) { - plugin_groups_data->Append((*it)->GetData()); - } - return plugin_groups_data; +static DictionaryValue* CreatePluginFileSummary( + const WebPluginInfo& plugin) { + DictionaryValue* data = new DictionaryValue(); + data->SetString(L"path", plugin.path.value()); + data->SetStringFromUTF16(L"name", plugin.name); + data->SetStringFromUTF16(L"version", plugin.version); + data->SetBoolean(L"enabled", plugin.enabled); + return data; } -ListValue* PluginUpdater::GetPluginGroupsSummary() { +ListValue* GetPluginGroupsData() { std::vector<linked_ptr<PluginGroup> > plugin_groups; GetPluginGroups(&plugin_groups); @@ -370,13 +61,12 @@ ListValue* PluginUpdater::GetPluginGroupsSummary() { plugin_groups.begin(); it != plugin_groups.end(); ++it) { - plugin_groups_data->Append((*it)->GetSummary()); + plugin_groups_data->Append((*it)->GetDataForUI()); } return plugin_groups_data; } -void PluginUpdater::EnablePluginGroup(bool enable, - const string16& group_name) { +void EnablePluginGroup(bool enable, const string16& group_name) { std::vector<linked_ptr<PluginGroup> > plugin_groups; GetPluginGroups(&plugin_groups); @@ -390,22 +80,20 @@ void PluginUpdater::EnablePluginGroup(bool enable, } } -void PluginUpdater::EnablePluginFile(bool enable, - const FilePath::StringType& file_path) { +void EnablePluginFile(bool enable, const FilePath::StringType& file_path) { if (enable) NPAPI::PluginList::Singleton()->EnablePlugin(FilePath(file_path)); else NPAPI::PluginList::Singleton()->DisablePlugin(FilePath(file_path)); } -// static #if defined(OS_CHROMEOS) -bool PluginUpdater::enable_internal_pdf_ = true; +static bool enable_internal_pdf_ = true; #else -bool PluginUpdater::enable_internal_pdf_ = false; +static bool enable_internal_pdf_ = false; #endif -void PluginUpdater::DisablePluginGroupsFromPrefs(Profile* profile) { +void DisablePluginGroupsFromPrefs(Profile* profile) { bool update_internal_dir = false; FilePath last_internal_dir = profile->GetPrefs()->GetFilePath(prefs::kPluginsLastInternalDirectory); @@ -485,17 +173,7 @@ void PluginUpdater::DisablePluginGroupsFromPrefs(Profile* profile) { } } -DictionaryValue* PluginUpdater::CreatePluginFileSummary( - const WebPluginInfo& plugin) { - DictionaryValue* data = new DictionaryValue(); - data->SetString(L"path", plugin.path.value()); - data->SetStringFromUTF16(L"name", plugin.name); - data->SetStringFromUTF16(L"version", plugin.version); - data->SetBoolean(L"enabled", plugin.enabled); - return data; -} - -void PluginUpdater::UpdatePreferences(Profile* profile) { +void UpdatePreferences(Profile* profile) { ListValue* plugins_list = profile->GetPrefs()->GetMutableList( prefs::kPluginsPluginsList); plugins_list->Clear(); @@ -515,10 +193,17 @@ void PluginUpdater::UpdatePreferences(Profile* profile) { } // Add the groups as well. - ListValue* plugin_groups = GetPluginGroupsSummary(); - for (ListValue::const_iterator it = plugin_groups->begin(); - it != plugin_groups->end(); + std::vector<linked_ptr<PluginGroup> > plugin_groups; + GetPluginGroups(&plugin_groups); + for (std::vector<linked_ptr<PluginGroup> >::iterator it = + plugin_groups.begin(); + it != plugin_groups.end(); ++it) { - plugins_list->Append(*it); + // Don't save preferences for vulnerable pugins. + if (!(*it)->IsVulnerable()) { + plugins_list->Append((*it)->GetSummary()); + } } } + +} // namespace plugin_updater diff --git a/chrome/browser/plugin_updater.h b/chrome/browser/plugin_updater.h index a18d222..ba89b83 100644 --- a/chrome/browser/plugin_updater.h +++ b/chrome/browser/plugin_updater.h @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -6,136 +6,32 @@ #define CHROME_BROWSER_PLUGIN_UPDATER_H_ #include <vector> + #include "base/basictypes.h" +#include "base/file_path.h" #include "base/linked_ptr.h" -#include "base/scoped_ptr.h" #include "base/singleton.h" -#include "base/string16.h" -#include "base/values.h" -#include "googleurl/src/gurl.h" -#include "webkit/glue/plugins/webplugininfo.h" -class Version; +class ListValue; class Profile; -// Hard-coded definitions of plugin groups. -typedef struct { - const char* const name; // Name of this group. - const char* const name_matcher; // Substring matcher for the plugin name. - const char* const version_matcher_low; // Matchers for the plugin version. - const char* const version_matcher_high; - const char* const min_version; // Minimum secure version. - const char* const update_url; // Location of latest secure version. -} PluginGroupDefinition; - - -// A PluginGroup contains at least one WebPluginInfo. -// In addition, it knows if the plugin is critically vulnerable. -class PluginGroup { - public: - // Creates a PluginGroup from a PluginGroupDefinition. - static PluginGroup* FromPluginGroupDefinition( - const PluginGroupDefinition& definition); - - // Creates a PluginGroup from a WebPluginInfo -- when no hard-coded - // definition is found. - static PluginGroup* FromWebPluginInfo(const WebPluginInfo& wpi); - - // Creates a copy of this plugin group. - PluginGroup* Copy(); - - // Returns true if the given plugin matches this group. - bool Match(const WebPluginInfo& plugin) const; - - // Adds the given plugin to this group. Provide the position of the - // plugin as given by PluginList so we can display its priority. - void AddPlugin(const WebPluginInfo& plugin, int position); - - // Enables/disables this group. This enables/disables all plugins in the - // group. - void Enable(bool enable); - - // Returns this group's name - const string16 GetGroupName() const; - - // Returns a DictionaryValue with data to display in the UI. - DictionaryValue* GetData() const; - - // Returns a DictionaryValue with data to save in the preferences. - DictionaryValue* GetSummary() const; - - // Returns true if the latest plugin in this group has known - // security problems. - bool IsVulnerable() const; - - private: - PluginGroup(const string16& group_name, - const string16& name_matcher, - const std::string& version_range_low, - const std::string& version_range_high, - const std::string& min_version, - const std::string& update_url); - - string16 group_name_; - string16 name_matcher_; - std::string version_range_low_str_; - std::string version_range_high_str_; - scoped_ptr<Version> version_range_low_; - scoped_ptr<Version> version_range_high_; - string16 description_; - std::string update_url_; - bool enabled_; - std::string min_version_str_; - scoped_ptr<Version> min_version_; - scoped_ptr<Version> max_version_; - std::vector<WebPluginInfo> web_plugin_infos_; - std::vector<int> web_plugin_positions_; - - DISALLOW_COPY_AND_ASSIGN(PluginGroup); -}; - -class PluginUpdater { - public: - // Returns the PluginUpdater singleton. - static PluginUpdater* GetInstance(); - - static const PluginGroupDefinition* GetPluginGroupDefinitions(); - static const size_t GetPluginGroupDefinitionsSize(); - - // Get a list of all the Plugin groups. - ListValue* GetPluginGroupsData(); - - // Get a list of all the Plugin groups. - ListValue* GetPluginGroupsSummary(); - - // Enable or disable a plugin group. - void EnablePluginGroup(bool enable, const string16& group_name); - - // Enable or disable a specific plugin file. - void EnablePluginFile(bool enable, const FilePath::StringType& file_path); - - // Disable all plugin groups as defined by the user's preference file. - void DisablePluginGroupsFromPrefs(Profile* profile); - - // Write the enable/disable status to the user's preference file. - void UpdatePreferences(Profile* profile); - - private: - friend struct DefaultSingletonTraits<PluginUpdater>; +namespace plugin_updater { - PluginUpdater(); - ~PluginUpdater(); +// Get a list of all the Plugin groups. +ListValue* GetPluginGroupsData(); - void GetPluginGroups(std::vector<linked_ptr<PluginGroup> >* plugin_groups); +// Enable or disable a plugin group. +void EnablePluginGroup(bool enable, const string16& group_name); - DictionaryValue* CreatePluginFileSummary(const WebPluginInfo& plugin); +// Enable or disable a specific plugin file. +void EnablePluginFile(bool enable, const FilePath::StringType& file_path); - std::vector<linked_ptr<PluginGroup> > plugin_group_definitions_; +// Disable all plugin groups as defined by the user's preference file. +void DisablePluginGroupsFromPrefs(Profile* profile); - // Set to true iff the internal pdf plugin is enabled by default. - static bool enable_internal_pdf_; +// Write the enable/disable status to the user's preference file. +void UpdatePreferences(Profile* profile); - DISALLOW_COPY_AND_ASSIGN(PluginUpdater); -}; +} // namespace plugin_updater #endif // CHROME_BROWSER_PLUGIN_UPDATER_H_ diff --git a/chrome/chrome_common.gypi b/chrome/chrome_common.gypi index d498239..e3e3c16 100644 --- a/chrome/chrome_common.gypi +++ b/chrome/chrome_common.gypi @@ -77,6 +77,8 @@ 'common/notification_service.h', 'common/notification_source.h', 'common/notification_type.h', + 'common/plugin_group.cc', + 'common/plugin_group.h', 'common/process_watcher_mac.cc', 'common/process_watcher_posix.cc', 'common/process_watcher_win.cc', diff --git a/chrome/chrome_tests.gypi b/chrome/chrome_tests.gypi index acc69d4..ad79e9e 100644 --- a/chrome/chrome_tests.gypi +++ b/chrome/chrome_tests.gypi @@ -888,7 +888,6 @@ 'browser/password_manager/password_store_default_unittest.cc', 'browser/password_manager/password_store_mac_unittest.cc', 'browser/password_manager/password_store_win_unittest.cc', - 'browser/plugin_updater_unittest.cc', 'browser/pref_member_unittest.cc', 'browser/pref_service_unittest.cc', 'browser/preferences_mock_mac.cc', @@ -1029,6 +1028,7 @@ 'common/net/test_url_fetcher_factory.cc', 'common/net/test_url_fetcher_factory.h', 'common/notification_service_unittest.cc', + 'common/plugin_group_unittest.cc', 'common/process_watcher_unittest.cc', 'common/property_bag_unittest.cc', 'common/render_messages_unittest.cc', diff --git a/chrome/common/plugin_group.cc b/chrome/common/plugin_group.cc new file mode 100644 index 0000000..984aebc --- /dev/null +++ b/chrome/common/plugin_group.cc @@ -0,0 +1,295 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/common/plugin_group.h" + +#include "base/string_util.h" +#include "base/utf_string_conversions.h" +#include "base/values.h" +#include "base/version.h" +#include "webkit/glue/plugins/plugin_list.h" + +#if defined(OS_MACOSX) +// Plugin Groups for Mac. +// Plugins are listed here as soon as vulnerabilities and solutions +// (new versions) are published. +// TODO(panayiotis): Track Java as soon as it's supported on Chrome Mac. +// TODO(panayiotis): Get the Real Player version on Mac, somehow. +static const PluginGroupDefinition kGroupDefinitions[] = { + { "Quicktime", "QuickTime Plug-in", "", "", "7.6.6", + "http://www.apple.com/quicktime/download/" }, + { "Flash", "Shockwave Flash", "", "", "10.1.53", + "http://get.adobe.com/flashplayer/" }, + { "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", + "http://go.microsoft.com/fwlink/?LinkID=185927" }, + { "Silverlight 4", "Silverlight", "4", "5", "", + "http://go.microsoft.com/fwlink/?LinkID=185927" }, + { "Flip4Mac", "Flip4Mac", "", "", "2.2.1", + "http://www.telestream.net/flip4mac-wmv/overview.htm" }, + { "Shockwave", "Shockwave for Director", "", "", "11.5.7.609", + "http://www.adobe.com/shockwave/download/" } +}; + +#elif defined(OS_WIN) +// TODO(panayiotis): We should group "RealJukebox NS Plugin" with the rest of +// the RealPlayer files. +static const PluginGroupDefinition kGroupDefinitions[] = { + { "Quicktime", "QuickTime Plug-in", "", "", "7.6.6", + "http://www.apple.com/quicktime/download/" }, + { "Java 6", "Java", "", "6", "6.0.200", + "http://www.java.com/" }, + { "Adobe Reader 9", "Adobe Acrobat", "9", "10", "9.3.3", + "http://get.adobe.com/reader/" }, + { "Adobe Reader 8", "Adobe Acrobat", "0", "9", "8.2.3", + "http://get.adobe.com/reader/" }, + { "Flash", "Shockwave Flash", "", "", "10.1.53", + "http://get.adobe.com/flashplayer/" }, + { "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", + "http://go.microsoft.com/fwlink/?LinkID=185927" }, + { "Silverlight 4", "Silverlight", "4", "5", "", + "http://go.microsoft.com/fwlink/?LinkID=185927" }, + { "Shockwave", "Shockwave for Director", "", "", "11.5.7.609", + "http://www.adobe.com/shockwave/download/" }, + { "DivX Player", "DivX Web Player", "", "", "1.4.3.4", + "http://download.divx.com/divx/autoupdate/player/DivXWebPlayerInstaller.exe" }, + // These are here for grouping, no vulnerabilies known. + { "Windows Media Player", "Windows Media Player", "", "", "", "" }, + { "Microsoft Office", "Microsoft Office", "", "", "", "" }, + // TODO(panayiotis): The vulnerable versions are + // (v >= 6.0.12.1040 && v <= 6.0.12.1663) + // || v == 6.0.12.1698 || v == 6.0.12.1741 + { "RealPlayer", "RealPlayer", "", "", "", + "http://www.adobe.com/shockwave/download/" }, +}; + +#else +static const PluginGroupDefinition kGroupDefinitions[] = {}; +#endif + +/*static*/ +const PluginGroupDefinition* PluginGroup::GetPluginGroupDefinitions() { + return kGroupDefinitions; +} + +/*static*/ +size_t PluginGroup::GetPluginGroupDefinitionsSize() { + // TODO(viettrungluu): |arraysize()| doesn't work with zero-size arrays. + return ARRAYSIZE_UNSAFE(kGroupDefinitions); +} + +PluginGroup::PluginGroup(const string16& group_name, + const string16& name_matcher, + const std::string& version_range_low, + const std::string& version_range_high, + const std::string& min_version, + const std::string& update_url) { + group_name_ = group_name; + name_matcher_ = name_matcher; + version_range_low_str_ = version_range_low; + if (!version_range_low.empty()) { + version_range_low_.reset( + Version::GetVersionFromString(version_range_low)); + } + version_range_high_str_ = version_range_high; + if (!version_range_high.empty()) { + version_range_high_.reset( + Version::GetVersionFromString(version_range_high)); + } + min_version_str_ = min_version; + if (!min_version.empty()) { + min_version_.reset(Version::GetVersionFromString(min_version)); + } + update_url_ = update_url; + enabled_ = false; + max_version_.reset(Version::GetVersionFromString("0")); +} + +PluginGroup* PluginGroup::FromPluginGroupDefinition( + const PluginGroupDefinition& definition) { + return new PluginGroup(ASCIIToUTF16(definition.name), + ASCIIToUTF16(definition.name_matcher), + definition.version_matcher_low, + definition.version_matcher_high, + definition.min_version, + definition.update_url); +} + +PluginGroup* PluginGroup::FromWebPluginInfo(const WebPluginInfo& wpi) { + // Create a matcher from the name of this plugin. + return new PluginGroup(wpi.name, wpi.name, + "", "", "", ""); +} + +PluginGroup* PluginGroup::FindHardcodedPluginGroup(const WebPluginInfo& info) { + static std::vector<linked_ptr<PluginGroup> >* hardcoded_plugin_groups = NULL; + if (!hardcoded_plugin_groups) { + std::vector<linked_ptr<PluginGroup> >* groups = + new std::vector<linked_ptr<PluginGroup> >(); + const PluginGroupDefinition* definitions = GetPluginGroupDefinitions(); + for (size_t i = 0; i < GetPluginGroupDefinitionsSize(); ++i) { + PluginGroup* definition_group = PluginGroup::FromPluginGroupDefinition( + definitions[i]); + groups->push_back(linked_ptr<PluginGroup>(definition_group)); + } + hardcoded_plugin_groups = groups; + } + + // See if this plugin matches any of the hardcoded groups. + PluginGroup* hardcoded_group = FindGroupMatchingPlugin( + *hardcoded_plugin_groups, info); + if (hardcoded_group) { + // Make a copy. + return hardcoded_group->Copy(); + } else { + // Not found in our hardcoded list, create a new one. + return PluginGroup::FromWebPluginInfo(info); + } +} + +PluginGroup* PluginGroup::FindGroupMatchingPlugin( + std::vector<linked_ptr<PluginGroup> >& plugin_groups, + const WebPluginInfo& plugin) { + for (std::vector<linked_ptr<PluginGroup> >::iterator it = + plugin_groups.begin(); + it != plugin_groups.end(); + ++it) { + if ((*it)->Match(plugin)) { + return it->get(); + } + } + return NULL; +} + +bool PluginGroup::Match(const WebPluginInfo& plugin) const { + if (name_matcher_.empty()) { + return false; + } + + // Look for the name matcher anywhere in the plugin name. + if (plugin.name.find(name_matcher_) == string16::npos) { + return false; + } + + if (version_range_low_.get() == NULL || + version_range_high_.get() == NULL) { + return true; + } + + // There's a version range, we must be in it. + scoped_ptr<Version> plugin_version( + Version::GetVersionFromString(UTF16ToWide(plugin.version))); + if (plugin_version.get() == NULL) { + // No version could be extracted, assume we don't match the range. + return false; + } + + // We match if we are in the range: [low, high) + return (version_range_low_->CompareTo(*plugin_version) <= 0 && + version_range_high_->CompareTo(*plugin_version) > 0); +} + +void PluginGroup::AddPlugin(const WebPluginInfo& plugin, int position) { + web_plugin_infos_.push_back(plugin); + // The position of this plugin relative to the global list of plugins. + web_plugin_positions_.push_back(position); + description_ = plugin.desc; + + // A group is enabled if any of the files are enabled. + if (plugin.enabled) { + enabled_ = true; + } + + // update max_version_. Remove spaces and ')' from the version string, + // Replace any instances of 'r', ',' or '(' with a dot. + std::wstring version = UTF16ToWide(plugin.version); + RemoveChars(version, L") ", &version); + std::replace(version.begin(), version.end(), 'r', '.'); + std::replace(version.begin(), version.end(), ',', '.'); + std::replace(version.begin(), version.end(), '(', '.'); + + scoped_ptr<Version> plugin_version( + Version::GetVersionFromString(version)); + if (plugin_version.get() != NULL) { + if (plugin_version->CompareTo(*(max_version_)) > 0) { + max_version_.reset(plugin_version.release()); + } + } +} + +DictionaryValue* PluginGroup::GetSummary() const { + DictionaryValue* result = new DictionaryValue(); + result->SetStringFromUTF16(L"name", group_name_); + result->SetBoolean(L"enabled", enabled_); + return result; +} + +DictionaryValue* PluginGroup::GetDataForUI() const { + DictionaryValue* result = new DictionaryValue(); + result->SetStringFromUTF16(L"name", group_name_); + result->SetStringFromUTF16(L"description", description_); + result->SetString(L"version", max_version_->GetString()); + result->SetString(L"update_url", update_url_); + result->SetBoolean(L"critical", IsVulnerable()); + result->SetBoolean(L"enabled", enabled_); + + ListValue* plugin_files = new ListValue(); + for (size_t i = 0; i < web_plugin_infos_.size(); ++i) { + const WebPluginInfo& web_plugin = web_plugin_infos_[i]; + int priority = web_plugin_positions_[i]; + DictionaryValue* plugin_file = new DictionaryValue(); + plugin_file->SetStringFromUTF16(L"name", web_plugin.name); + plugin_file->SetStringFromUTF16(L"description", web_plugin.desc); + plugin_file->SetString(L"path", web_plugin.path.value()); + plugin_file->SetStringFromUTF16(L"version", web_plugin.version); + plugin_file->SetBoolean(L"enabled", web_plugin.enabled); + plugin_file->SetInteger(L"priority", priority); + + ListValue* mime_types = new ListValue(); + for (std::vector<WebPluginMimeType>::const_iterator type_it = + web_plugin.mime_types.begin(); + type_it != web_plugin.mime_types.end(); + ++type_it) { + DictionaryValue* mime_type = new DictionaryValue(); + mime_type->SetString(L"mimeType", type_it->mime_type); + mime_type->SetStringFromUTF16(L"description", type_it->description); + + ListValue* file_extensions = new ListValue(); + for (std::vector<std::string>::const_iterator ext_it = + type_it->file_extensions.begin(); + ext_it != type_it->file_extensions.end(); + ++ext_it) { + file_extensions->Append(new StringValue(*ext_it)); + } + mime_type->Set(L"fileExtensions", file_extensions); + + mime_types->Append(mime_type); + } + plugin_file->Set(L"mimeTypes", mime_types); + + plugin_files->Append(plugin_file); + } + result->Set(L"plugin_files", plugin_files); + + return result; +} + +// Returns true if the latest version of this plugin group is vulnerable. +bool PluginGroup::IsVulnerable() const { + if (min_version_.get() == NULL || max_version_->GetString() == "0") { + return false; + } + return max_version_->CompareTo(*min_version_) < 0; +} + +void PluginGroup::Enable(bool enable) { + for (std::vector<WebPluginInfo>::const_iterator it = + web_plugin_infos_.begin(); + it != web_plugin_infos_.end(); ++it) { + if (enable) { + NPAPI::PluginList::Singleton()->EnablePlugin(FilePath(it->path)); + } else { + NPAPI::PluginList::Singleton()->DisablePlugin(FilePath(it->path)); + } + } +} diff --git a/chrome/common/plugin_group.h b/chrome/common/plugin_group.h new file mode 100644 index 0000000..dba66ae --- /dev/null +++ b/chrome/common/plugin_group.h @@ -0,0 +1,115 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_COMMON_PLUGIN_GROUP_H_ +#define CHROME_COMMON_PLUGIN_GROUP_H_ + +#include <vector> + +#include "base/linked_ptr.h" +#include "base/scoped_ptr.h" +#include "base/string16.h" +#include "base/version.h" +#include "webkit/glue/plugins/webplugininfo.h" + +class DictionaryValue; + +// Hard-coded definitions of plugin groups. +struct PluginGroupDefinition { + const char* name; // Name of this group. + const char* name_matcher; // Substring matcher for the plugin name. + const char* version_matcher_low; // Matchers for the plugin version. + const char* version_matcher_high; + const char* min_version; // Minimum secure version. + const char* update_url; // Location of latest secure version. +}; + + +// A PluginGroup contains at least one WebPluginInfo. +// In addition, it knows if the plugin is critically vulnerable. +class PluginGroup { + public: + // Creates a PluginGroup from a PluginGroupDefinition. + static PluginGroup* FromPluginGroupDefinition( + const PluginGroupDefinition& definition); + + // Creates a PluginGroup from a WebPluginInfo -- when no hard-coded + // definition is found. + static PluginGroup* FromWebPluginInfo(const WebPluginInfo& wpi); + + // Find a plugin group matching |info| in the list of hardcoded plugins. + static PluginGroup* FindHardcodedPluginGroup(const WebPluginInfo& info); + + // Find the PluginGroup matching a Plugin in a list of plugin groups. Returns + // NULL if no matching PluginGroup is found. + static PluginGroup* FindGroupMatchingPlugin( + std::vector<linked_ptr<PluginGroup> >& plugin_groups, + const WebPluginInfo& plugin); + + // Creates a copy of this plugin group. + PluginGroup* Copy() { + return new PluginGroup(group_name_, name_matcher_, version_range_low_str_, + version_range_high_str_, min_version_str_, + update_url_); + } + + // Returns true if the given plugin matches this group. + bool Match(const WebPluginInfo& plugin) const; + + // Adds the given plugin to this group. Provide the position of the + // plugin as given by PluginList so we can display its priority. + void AddPlugin(const WebPluginInfo& plugin, int position); + + // Enables/disables this group. This enables/disables all plugins in the + // group. + void Enable(bool enable); + + // Returns this group's name + const string16 GetGroupName() const { return group_name_; } + + // Returns a DictionaryValue with data to display in the UI. + DictionaryValue* GetDataForUI() const; + + // Returns a DictionaryValue with data to save in the preferences. + DictionaryValue* GetSummary() const; + + // Returns the update URL. + std::string GetUpdateURL() const { return update_url_; } + + // Returns true if the latest plugin in this group has known + // security problems. + bool IsVulnerable() const; + + private: + FRIEND_TEST_ALL_PREFIXES(PluginGroupTest, PluginGroupDefinition); + + static const PluginGroupDefinition* GetPluginGroupDefinitions(); + static size_t GetPluginGroupDefinitionsSize(); + + PluginGroup(const string16& group_name, + const string16& name_matcher, + const std::string& version_range_low, + const std::string& version_range_high, + const std::string& min_version, + const std::string& update_url); + + string16 group_name_; + string16 name_matcher_; + std::string version_range_low_str_; + std::string version_range_high_str_; + scoped_ptr<Version> version_range_low_; + scoped_ptr<Version> version_range_high_; + string16 description_; + std::string update_url_; + bool enabled_; + std::string min_version_str_; + scoped_ptr<Version> min_version_; + scoped_ptr<Version> max_version_; + std::vector<WebPluginInfo> web_plugin_infos_; + std::vector<int> web_plugin_positions_; + + DISALLOW_COPY_AND_ASSIGN(PluginGroup); +}; + +#endif // CHROME_COMMON_PLUGIN_GROUP_H_ diff --git a/chrome/browser/plugin_updater_unittest.cc b/chrome/common/plugin_group_unittest.cc index d6df331..7def7c6 100644 --- a/chrome/browser/plugin_updater_unittest.cc +++ b/chrome/common/plugin_group_unittest.cc @@ -1,14 +1,15 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "chrome/browser/plugin_updater.h" +#include "chrome/common/plugin_group.h" #include <string> #include <vector> #include "base/scoped_ptr.h" #include "base/string_util.h" +#include "base/values.h" #include "base/version.h" #include "testing/gtest/include/gtest/gtest.h" #include "webkit/glue/plugins/webplugininfo.h" @@ -39,10 +40,10 @@ static WebPluginInfo kPlugin4043 = { ASCIIToUTF16("MyPlugin"), FilePath(), ASCIIToUTF16("4.0.43"), string16(), std::vector<WebPluginMimeType>(), true }; -class PluginUpdaterTest : public testing::Test { +class PluginGroupTest : public testing::Test { }; -TEST(PluginUpdaterTest, PluginGroupMatch) { +TEST(PluginGroupTest, PluginGroupMatch) { scoped_ptr<PluginGroup> group(PluginGroup::FromPluginGroupDefinition( kPluginDef3)); EXPECT_TRUE(group->Match(kPlugin3045)); @@ -50,7 +51,7 @@ TEST(PluginUpdaterTest, PluginGroupMatch) { EXPECT_FALSE(group->IsVulnerable()); } -TEST(PluginUpdaterTest, PluginGroupMatchMultipleFiles) { +TEST(PluginGroupTest, PluginGroupMatchMultipleFiles) { scoped_ptr<PluginGroup> group(PluginGroup::FromPluginGroupDefinition( kPluginDef3)); EXPECT_TRUE(group->Match(kPlugin3043)); @@ -62,7 +63,7 @@ TEST(PluginUpdaterTest, PluginGroupMatchMultipleFiles) { EXPECT_FALSE(group->IsVulnerable()); } -TEST(PluginUpdaterTest, PluginGroupMatchCorrectVersion) { +TEST(PluginGroupTest, PluginGroupMatchCorrectVersion) { scoped_ptr<PluginGroup> group(PluginGroup::FromPluginGroupDefinition( kPluginDef3)); EXPECT_TRUE(group->Match(kPlugin2043)); @@ -75,10 +76,10 @@ TEST(PluginUpdaterTest, PluginGroupMatchCorrectVersion) { EXPECT_TRUE(group->Match(kPlugin4043)); } -TEST(PluginUpdaterTest, PluginGroupDefinition) { +TEST(PluginGroupTest, PluginGroupDefinition) { const PluginGroupDefinition* definitions = - PluginUpdater::GetPluginGroupDefinitions(); - for (size_t i = 0; i < PluginUpdater::GetPluginGroupDefinitionsSize(); ++i) { + PluginGroup::GetPluginGroupDefinitions(); + for (size_t i = 0; i < PluginGroup::GetPluginGroupDefinitionsSize(); ++i) { scoped_ptr<PluginGroup> def_group( PluginGroup::FromPluginGroupDefinition(definitions[i])); ASSERT_TRUE(def_group.get() != NULL); @@ -86,7 +87,7 @@ TEST(PluginUpdaterTest, PluginGroupDefinition) { } } -TEST(PluginUpdaterTest, VersionExtraction) { +TEST(PluginGroupTest, VersionExtraction) { // Some real-world plugin versions (spaces, commata, parentheses, 'r', oh my) const char* versions[][2] = { { "7.6.6 (1671)", "7.6.6.1671" }, // Quicktime @@ -104,7 +105,7 @@ TEST(PluginUpdaterTest, VersionExtraction) { scoped_ptr<PluginGroup> group(PluginGroup::FromWebPluginInfo(plugin)); EXPECT_TRUE(group->Match(plugin)); group->AddPlugin(plugin, 0); - scoped_ptr<DictionaryValue> data(group->GetData()); + scoped_ptr<DictionaryValue> data(group->GetDataForUI()); std::string version; data->GetString(L"version", &version); EXPECT_EQ(versions[i][1], version); |