File: archive_analyzer_results.h

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (121 lines) | stat: -rw-r--r-- 4,407 bytes parent folder | download | duplicates (9) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
 
// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// This file contains the archive analyzer analysis implementation for download
// protection, which runs in a sandboxed utility process.

#ifndef CHROME_COMMON_SAFE_BROWSING_ARCHIVE_ANALYZER_RESULTS_H_
#define CHROME_COMMON_SAFE_BROWSING_ARCHIVE_ANALYZER_RESULTS_H_

#include <vector>

#include "base/files/file_path.h"
#include "build/build_config.h"
#include "components/safe_browsing/content/common/proto/download_file_types.pb.h"
#include "components/safe_browsing/core/common/proto/csd.pb.h"

namespace base {
class File;
}

namespace safe_browsing {

// These values are persisted to logs. Entries should not be renumbered and
// numeric values should never be reused.
enum class ArchiveAnalysisResult {
  kUnknown = 0,  // kUnknown indicates a case where we don't have a specific
                 // reason, but parsing failed. This bucket will be broken into
                 // more buckets in the future, as we identify more reasons for
                 // analysis failure.
  kUnspecified = 1,  // kUnspecified indicates that the analysis code provided
                     // no reason at all. Logging this value indicates a bug.
  kValid = 2,
  kTooLarge = 3,
  kTimeout = 4,
  kFailedToOpen = 5,
  kFailedToOpenTempFile = 6,
  kDmgNoPartitions = 7,
  kFailedDuringIteration = 8,
  kDiskError = 9,
  kMaxValue = kDiskError,
};

struct EncryptionInfo {
  // True if the metadata is encrypted or there is at least one encrypted entry
  // in the archive.
  bool is_encrypted = false;

  // True if the metadata of the top-level archive is encrypted or at
  // least one the files contained in the top-level archive are encrypted.
  bool is_top_level_encrypted = false;

  enum PasswordStatus {
    kUnknown = 0,
    kKnownIncorrect = 1,
    kKnownCorrect = 2,
    kMaxValue = kKnownCorrect,
  };

  // Set to kKnownCorrect if the archive unpacks correctly with the given
  // password.
  PasswordStatus password_status = kUnknown;
};

struct ArchiveAnalyzerResults {
  bool success = false;
  bool has_executable = false;
  bool has_archive = false;
  google::protobuf::RepeatedPtrField<ClientDownloadRequest_ArchivedBinary>
      archived_binary;
  std::vector<base::FilePath> archived_archive_filenames;
#if BUILDFLAG(IS_MAC)
  std::vector<uint8_t> signature_blob;
  google::protobuf::RepeatedPtrField<
      ClientDownloadRequest_DetachedCodeSignature>
      detached_code_signatures;
#endif  // BUILDFLAG(IS_MAC)
  int file_count = 0;
  int directory_count = 0;
  ArchiveAnalysisResult analysis_result = ArchiveAnalysisResult::kUnspecified;

  // TODO(crbug.com/40923880): Populate this information for RAR archives as
  // well.
  EncryptionInfo encryption_info;

  ArchiveAnalyzerResults();
  ArchiveAnalyzerResults(const ArchiveAnalyzerResults& other);
  ~ArchiveAnalyzerResults();
};

// Updates `results` with the results of inspecting `file`, given that it will
// be extracted to `path`. Due to complications with the utility process sandbox
// (see https://crbug.com/944633), the file inspection is limited to the first
// `file_length` bytes of `file`.
void UpdateArchiveAnalyzerResultsWithFile(base::FilePath path,
                                          base::File* file,
                                          int file_length,
                                          bool is_encrypted,
                                          bool is_directory,
                                          bool contents_valid,
                                          bool is_top_level,
                                          ArchiveAnalyzerResults* results);

// Returns the `DownloadFileType_InspectionType` of the file path.
safe_browsing::DownloadFileType_InspectionType GetFileType(base::FilePath path);

// Update the `archived_binary` with the string value path name.
void SetNameForContainedFile(
    const base::FilePath& path,
    ClientDownloadRequest::ArchivedBinary* archived_binary);

// Update the `archived_binary` with the `file_length` and the
// `mutable_digests` fields
void SetLengthAndDigestForContainedFile(
    base::File* temp_file,
    int file_length,
    ClientDownloadRequest::ArchivedBinary* archived_binary);

}  // namespace safe_browsing

#endif  // CHROME_COMMON_SAFE_BROWSING_ARCHIVE_ANALYZER_RESULTS_H_