-rw-r--r--chrome/browser/chrome_elf_init_unittest_win.cc34
-rw-r--r--chrome/browser/chrome_elf_init_win.cc23
-rw-r--r--chrome/browser/chrome_elf_init_win.h8
-rw-r--r--chrome/chrome_tests_unit.gypi1
-rw-r--r--chrome/unit_tests.isolate1
-rw-r--r--chrome_elf/blacklist/blacklist.cc8
-rw-r--r--chrome_elf/blacklist/blacklist.h4
-rw-r--r--chrome_elf/chrome_elf.def2
8 files changed, 81 insertions, 0 deletions
diff --git a/chrome/browser/chrome_elf_init_unittest_win.cc b/chrome/browser/chrome_elf_init_unittest_win.cc
index 90a2882..c1d6295 100644
--- a/chrome/browser/chrome_elf_init_unittest_win.cc
+++ b/chrome/browser/chrome_elf_init_unittest_win.cc
@@ -5,13 +5,17 @@
#include "chrome/browser/chrome_elf_init_win.h"
#include "base/basictypes.h"
+#include "base/files/file_path.h"
#include "base/memory/scoped_ptr.h"
#include "base/metrics/field_trial.h"
+#include "base/path_service.h"
+#include "base/scoped_native_library.h"
#include "base/strings/string16.h"
#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "base/test/test_reg_util_win.h"
#include "chrome/common/chrome_version_info.h"
+#include "chrome_elf/blacklist/blacklist.h"
#include "chrome_elf/chrome_elf_constants.h"
#include "components/variations/entropy_provider.h"
#include "components/variations/variations_associated_data.h"
@@ -21,6 +25,7 @@
namespace {
const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled";
+const wchar_t kTestDllName[] = L"blacklist_test_dll_1.dll";
class ChromeBlacklistTrialTest : public testing::Test {
protected:
@@ -195,4 +200,33 @@ TEST_F(ChromeBlacklistTrialTest, AddFinchBlacklistToRegistry) {
}
}
+TEST_F(ChromeBlacklistTrialTest, TestBlacklistBypass) {
+ base::FilePath current_dir;
+ ASSERT_TRUE(PathService::Get(base::DIR_EXE, &current_dir));
+
+ // Load test dll.
+ base::ScopedNativeLibrary dll1(current_dir.Append(kTestDllName));
+
+ // No blacklisted dll should be found.
+ std::vector<base::string16> module_names;
+ EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names));
+ EXPECT_TRUE(module_names.empty());
+ // For posterity, print any that are.
+ std::vector<base::string16>::const_iterator module_iter(module_names.begin());
+ for (; module_iter != module_names.end(); ++module_iter) {
+ LOG(ERROR) << "Found blacklisted module: " << *module_iter;
+ }
+
+ // Add test dll to blacklist
+ blacklist::AddDllToBlacklist(kTestDllName);
+
+ // Check that the test dll appears in list.
+ module_names.clear();
+ EXPECT_TRUE(GetLoadedBlacklistedModules(&module_names));
+ ASSERT_EQ(1, module_names.size());
+ EXPECT_STREQ(kTestDllName,
+ StringToLowerASCII(
+ base::FilePath(module_names[0]).BaseName().value()).c_str());
+}
+
} // namespace
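Review bot: `TestBlacklistBypass` never checks that the test DLL actually loaded or that the blacklist insert succeeded. If `blacklist_test_dll_1.dll` is missing, the first half passes vacuously and the later `ASSERT_EQ` fails without pointing at the cause. Add `ASSERT_TRUE(dll1.is_valid());` right after constructing `dll1`, and wrap the insert as `ASSERT_TRUE(blacklist::AddDllToBlacklist(kTestDllName));`. The entry also stays in the process-wide blacklist once the test returns; removing it at the end would keep later tests in the same process independent of this one.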
diff --git a/chrome/browser/chrome_elf_init_win.cc b/chrome/browser/chrome_elf_init_win.cc
index 3d568a6..4151fb4 100644
--- a/chrome/browser/chrome_elf_init_win.cc
+++ b/chrome/browser/chrome_elf_init_win.cc
@@ -3,12 +3,16 @@
// found in the LICENSE file.
#include "base/bind.h"
+#include "base/files/file_path.h"
#include "base/metrics/field_trial.h"
#include "base/metrics/histogram.h"
#include "base/metrics/sparse_histogram.h"
+#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "base/win/registry.h"
#include "chrome/browser/chrome_elf_init_win.h"
+#include "chrome/browser/install_verification/win/module_info.h"
+#include "chrome/browser/install_verification/win/module_verification_common.h"
#include "chrome_elf/blacklist/blacklist.h"
#include "chrome_elf/chrome_elf_constants.h"
#include "chrome_elf/dll_hash/dll_hash.h"
@@ -204,3 +208,22 @@ void BrowserBlacklistBeaconSetup() {
RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED);
}
}
+
+bool GetLoadedBlacklistedModules(std::vector<base::string16>* module_names) {
+ DCHECK(module_names);
+
+ std::set<ModuleInfo> module_info_set;
+ if (!GetLoadedModules(&module_info_set))
+ return false;
+
+ std::set<ModuleInfo>::const_iterator module_iter(module_info_set.begin());
+ for (; module_iter != module_info_set.end(); ++module_iter) {
+ base::string16 module_file_name(StringToLowerASCII(
+ base::FilePath(module_iter->name).BaseName().value()));
+ if (blacklist::GetBlacklistIndex(module_file_name.c_str()) != -1) {
+ module_names->push_back(module_iter->name);
+ }
+ }
+
+ return true;
+}
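Review bot: `GetLoadedBlacklistedModules` appends to `module_names` without clearing it, so a caller that reuses the vector gets stale entries mixed with fresh ones; the test in this commit has to call `module_names.clear()` itself before the second query. Either add `module_names->clear();` after the `DCHECK`, or state the append behaviour in the header comment. The `StringToLowerASCII` call also looks redundant, because `GetBlacklistIndex` as added in this commit compares with `_wcsicmp`. The function body lies entirely inside this hunk.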
diff --git a/chrome/browser/chrome_elf_init_win.h b/chrome/browser/chrome_elf_init_win.h
index 84d3da4..ade729a 100644
--- a/chrome/browser/chrome_elf_init_win.h
+++ b/chrome/browser/chrome_elf_init_win.h
@@ -5,6 +5,10 @@
#ifndef CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_
#define CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_
+#include <vector>
+
+#include "base/strings/string16.h"
+
// Field trial name and full name for the blacklist disabled group.
extern const char kBrowserBlacklistTrialName[];
extern const char kBrowserBlacklistTrialDisabledGroupName[];
@@ -19,4 +23,8 @@ void AddFinchBlacklistToRegistry();
// Set the required state for an enabled browser blacklist.
void BrowserBlacklistBeaconSetup();
+// Retrieves the set of blacklisted modules that are loaded in the process.
+// Returns true if successful, false otherwise.
+bool GetLoadedBlacklistedModules(std::vector<base::string16>* module_names);
+
#endif // CHROME_BROWSER_CHROME_ELF_INIT_WIN_H_
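Review bot: The comment on `GetLoadedBlacklistedModules` does not say how a match is decided or what the output strings contain. In the implementation added by this commit, a module is reported when its lower-cased base file name matches a blacklist entry, and the stored value is `ModuleInfo::name` unchanged (the test takes `BaseName()` of it, so presumably a path). Since the function exists to surface blocked DLLs that loaded anyway, I would add `// Matching is by base file name only; a listed DLL loaded under a different file name is not reported.` and note that results are appended to |module_names|.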
diff --git a/chrome/chrome_tests_unit.gypi b/chrome/chrome_tests_unit.gypi
index a0fec35..0d51cda 100644
--- a/chrome/chrome_tests_unit.gypi
+++ b/chrome/chrome_tests_unit.gypi
@@ -2458,6 +2458,7 @@
'dependencies': [
'chrome_version_resources',
'installer_util_strings',
+ '../chrome_elf/chrome_elf.gyp:blacklist_test_dll_1',
'../third_party/iaccessible2/iaccessible2.gyp:iaccessible2',
'../third_party/isimpledom/isimpledom.gyp:isimpledom',
],
diff --git a/chrome/unit_tests.isolate b/chrome/unit_tests.isolate
index 9d0191a..55ef3be 100644
--- a/chrome/unit_tests.isolate
+++ b/chrome/unit_tests.isolate
@@ -101,6 +101,7 @@
['OS=="win"', {
'variables': {
'isolate_dependency_tracked': [
+ '<(PRODUCT_DIR)/blacklist_test_dll_1.dll',
'<(PRODUCT_DIR)/chrome_elf.dll',
'<(PRODUCT_DIR)/ffmpegsumo.dll',
'<(PRODUCT_DIR)/libexif.dll',
diff --git a/chrome_elf/blacklist/blacklist.cc b/chrome_elf/blacklist/blacklist.cc
index e6450c1..824a9e9 100644
--- a/chrome_elf/blacklist/blacklist.cc
+++ b/chrome_elf/blacklist/blacklist.cc
@@ -230,6 +230,14 @@ bool IsBlacklistInitialized() {
return g_blacklist_initialized;
}
+int GetBlacklistIndex(const wchar_t* dll_name) {
+ for (int i = 0; i < kTroublesomeDllsMaxCount, g_troublesome_dlls[i]; ++i) {
+ if (_wcsicmp(dll_name, g_troublesome_dlls[i]) == 0)
+ return i;
+ }
+ return -1;
+}
+
bool AddDllToBlacklist(const wchar_t* dll_name) {
int blacklist_size = BlacklistSize();
// We need to leave one space at the end for the null pointer.
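Review bot: The loop condition in `GetBlacklistIndex` uses the comma operator, `i < kTroublesomeDllsMaxCount, g_troublesome_dlls[i]`, so the bound comparison is evaluated and discarded and only the null-entry test ends the loop. If the array were ever full with no trailing null, the loop would read past its end; the condition should be `for (int i = 0; i < kTroublesomeDllsMaxCount && g_troublesome_dlls[i]; ++i) {`. Because the function is exported from chrome_elf in this commit, a null `dll_name` reaching `_wcsicmp` is also worth guarding with an early `return -1`. `AddDllToBlacklist`, whose first lines close this hunk, continues outside it.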
diff --git a/chrome_elf/blacklist/blacklist.h b/chrome_elf/blacklist/blacklist.h
index 9ea680c..8a06ef0 100644
--- a/chrome_elf/blacklist/blacklist.h
+++ b/chrome_elf/blacklist/blacklist.h
@@ -40,6 +40,10 @@ int BlacklistSize();
// Returns if true if the blacklist has been initialized.
extern "C" bool IsBlacklistInitialized();
+// Returns the index of the DLL named |dll_name| on the blacklist, or -1 if not
+// found.
+extern "C" int GetBlacklistIndex(const wchar_t* dll_name);
+
// Adds the given dll name to the blacklist. Returns true if the dll name is in
// the blacklist when this returns, false on error. Note that this will copy
// |dll_name| and will leak it on exit if the string is not subsequently removed
diff --git a/chrome_elf/chrome_elf.def b/chrome_elf/chrome_elf.def
index 566a8fb..07541e2 100644
--- a/chrome_elf/chrome_elf.def
+++ b/chrome_elf/chrome_elf.def
@@ -10,3 +10,5 @@ EXPORTS
IsBlacklistInitialized
SignalChromeElf
SuccessfullyBlocked
+ GetBlacklistIndex
+ AddDllToBlacklist