// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/services/file_util/public/cpp/sandboxed_dmg_analyzer_mac.h"
#include <mach-o/loader.h>
#include <stdint.h>
#include "base/files/file_path.h"
#include "base/files/file_util.h"
#include "base/functional/bind.h"
#include "base/memory/raw_ptr.h"
#include "base/path_service.h"
#include "base/run_loop.h"
#include "base/strings/string_number_conversions.h"
#include "chrome/common/chrome_paths.h"
#include "chrome/common/safe_browsing/archive_analyzer_results.h"
#include "chrome/services/file_util/fake_file_util_service.h"
#include "chrome/services/file_util/file_util_service.h"
#include "components/safe_browsing/content/common/file_type_policies.h"
#include "content/public/test/browser_task_environment.h"
#include "content/public/test/test_utils.h"
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace {
using ::testing::_;
class SandboxedDMGAnalyzerTest : public testing::Test {
public:
SandboxedDMGAnalyzerTest()
: task_environment_(content::BrowserTaskEnvironment::IO_MAINLOOP) {}
void AnalyzeFile(const base::FilePath& path,
safe_browsing::ArchiveAnalyzerResults* results) {
mojo::PendingRemote<chrome::mojom::FileUtilService> remote;
FileUtilService service(remote.InitWithNewPipeAndPassReceiver());
base::RunLoop run_loop;
ResultsGetter results_getter(run_loop.QuitClosure(), results);
std::unique_ptr<SandboxedDMGAnalyzer, base::OnTaskRunnerDeleter> analyzer =
SandboxedDMGAnalyzer::CreateAnalyzer(
path,
safe_browsing::FileTypePolicies::GetInstance()
->GetMaxFileSizeToAnalyze("dmg"),
results_getter.GetCallback(), std::move(remote));
analyzer->Start();
run_loop.Run();
}
base::FilePath GetFilePath(const char* file_name) {
base::FilePath test_data;
EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &test_data));
return test_data.AppendASCII("safe_browsing")
.AppendASCII("dmg")
.AppendASCII("data")
.AppendASCII(file_name);
}
private:
// A helper that provides a SandboxedDMGAnalyzer::ResultCallback that will
// store a copy of an analyzer's results and then run a closure.
class ResultsGetter {
public:
ResultsGetter(base::OnceClosure next_closure,
safe_browsing::ArchiveAnalyzerResults* results)
: next_closure_(std::move(next_closure)), results_(results) {}
ResultsGetter(const ResultsGetter&) = delete;
ResultsGetter& operator=(const ResultsGetter&) = delete;
SandboxedDMGAnalyzer::ResultCallback GetCallback() {
return base::BindOnce(&ResultsGetter::ResultsCallback,
base::Unretained(this));
}
private:
void ResultsCallback(const safe_browsing::ArchiveAnalyzerResults& results) {
*results_ = results;
std::move(next_closure_).Run();
}
base::OnceClosure next_closure_;
raw_ptr<safe_browsing::ArchiveAnalyzerResults> results_;
};
content::BrowserTaskEnvironment task_environment_;
};
TEST_F(SandboxedDMGAnalyzerTest, AnalyzeDMG) {
base::FilePath path;
ASSERT_NO_FATAL_FAILURE(path = GetFilePath("mach_o_in_dmg.dmg"));
safe_browsing::ArchiveAnalyzerResults results;
AnalyzeFile(path, &results);
EXPECT_TRUE(results.success);
EXPECT_TRUE(results.has_executable);
EXPECT_EQ(2, results.archived_binary.size());
bool got_executable = false, got_dylib = false;
for (const auto& binary : results.archived_binary) {
const std::string& file_name = binary.file_path();
const google::protobuf::RepeatedPtrField<
safe_browsing::ClientDownloadRequest_MachOHeaders>& headers =
binary.image_headers().mach_o_headers();
EXPECT_EQ(safe_browsing::ClientDownloadRequest_DownloadType_MAC_EXECUTABLE,
binary.download_type());
if (file_name.find("executablefat") != std::string::npos) {
got_executable = true;
ASSERT_EQ(2, headers.size());
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch32 =
headers.Get(0);
EXPECT_EQ(15, arch32.load_commands().size());
EXPECT_EQ(MH_MAGIC, *reinterpret_cast<const uint32_t*>(
arch32.mach_header().c_str()));
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch64 =
headers.Get(1);
EXPECT_EQ(15, arch64.load_commands().size());
EXPECT_EQ(MH_MAGIC_64, *reinterpret_cast<const uint32_t*>(
arch64.mach_header().c_str()));
const std::string& sha256_bytes = binary.digests().sha256();
std::string actual_sha256 = base::HexEncode(sha256_bytes);
EXPECT_EQ(
"E462FF752FF9D84E34D843E5D46E2012ADCBD48540A8473FB794B286A389B945",
actual_sha256);
} else if (file_name.find("lib64.dylib") != std::string::npos) {
got_dylib = true;
ASSERT_EQ(1, headers.size());
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch =
headers.Get(0);
EXPECT_EQ(13, arch.load_commands().size());
EXPECT_EQ(MH_MAGIC_64,
*reinterpret_cast<const uint32_t*>(arch.mach_header().c_str()));
const std::string& sha256_bytes = binary.digests().sha256();
std::string actual_sha256 = base::HexEncode(sha256_bytes);
EXPECT_EQ(
"2012CE4987B0FA4A5D285DF7E810560E841CFAB3054BC19E1AAB345F862A6C4E",
actual_sha256);
} else {
ADD_FAILURE() << "Unexpected result file " << binary.file_path();
}
}
EXPECT_TRUE(got_executable);
EXPECT_TRUE(got_dylib);
ASSERT_EQ(1, results.detached_code_signatures.size());
const safe_browsing::ClientDownloadRequest_DetachedCodeSignature
detached_signature = results.detached_code_signatures.Get(0);
EXPECT_EQ(
"Mach-O in DMG/shell-script.app/Contents/_CodeSignature/CodeSignature",
detached_signature.file_name());
EXPECT_EQ(1842u, detached_signature.contents().size());
}
TEST_F(SandboxedDMGAnalyzerTest, AnalyzeDMGNoPartitionName) {
base::FilePath path;
ASSERT_NO_FATAL_FAILURE(
path = GetFilePath("mach_o_in_dmg_no_partition_name.dmg"));
safe_browsing::ArchiveAnalyzerResults results;
AnalyzeFile(path, &results);
EXPECT_TRUE(results.success);
EXPECT_TRUE(results.has_executable);
EXPECT_EQ(2, results.archived_binary.size());
bool got_executable = false, got_dylib = false;
for (const auto& binary : results.archived_binary) {
const std::string& file_name = binary.file_path();
const google::protobuf::RepeatedPtrField<
safe_browsing::ClientDownloadRequest_MachOHeaders>& headers =
binary.image_headers().mach_o_headers();
EXPECT_EQ(safe_browsing::ClientDownloadRequest_DownloadType_MAC_EXECUTABLE,
binary.download_type());
if (file_name.find("executablefat") != std::string::npos) {
got_executable = true;
ASSERT_EQ(2, headers.size());
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch32 =
headers.Get(0);
EXPECT_EQ(15, arch32.load_commands().size());
EXPECT_EQ(MH_MAGIC, *reinterpret_cast<const uint32_t*>(
arch32.mach_header().c_str()));
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch64 =
headers.Get(1);
EXPECT_EQ(15, arch64.load_commands().size());
EXPECT_EQ(MH_MAGIC_64, *reinterpret_cast<const uint32_t*>(
arch64.mach_header().c_str()));
const std::string& sha256_bytes = binary.digests().sha256();
std::string actual_sha256 = base::HexEncode(sha256_bytes);
EXPECT_EQ(
"E462FF752FF9D84E34D843E5D46E2012ADCBD48540A8473FB794B286A389B945",
actual_sha256);
} else if (file_name.find("lib64.dylib") != std::string::npos) {
got_dylib = true;
ASSERT_EQ(1, headers.size());
const safe_browsing::ClientDownloadRequest_MachOHeaders& arch =
headers.Get(0);
EXPECT_EQ(13, arch.load_commands().size());
EXPECT_EQ(MH_MAGIC_64,
*reinterpret_cast<const uint32_t*>(arch.mach_header().c_str()));
const std::string& sha256_bytes = binary.digests().sha256();
std::string actual_sha256 = base::HexEncode(sha256_bytes);
EXPECT_EQ(
"2012CE4987B0FA4A5D285DF7E810560E841CFAB3054BC19E1AAB345F862A6C4E",
actual_sha256);
} else {
ADD_FAILURE() << "Unexpected result file " << binary.file_path();
}
}
EXPECT_TRUE(got_executable);
EXPECT_TRUE(got_dylib);
ASSERT_EQ(1, results.detached_code_signatures.size());
const safe_browsing::ClientDownloadRequest_DetachedCodeSignature
detached_signature = results.detached_code_signatures.Get(0);
EXPECT_EQ(
"Mach-O in DMG/shell-script.app/Contents/_CodeSignature/CodeSignature",
detached_signature.file_name());
EXPECT_EQ(1842u, detached_signature.contents().size());
}
TEST_F(SandboxedDMGAnalyzerTest, AnalyzeDmgNoSignature) {
base::FilePath unsigned_dmg;
ASSERT_NO_FATAL_FAILURE(unsigned_dmg = GetFilePath("mach_o_in_dmg.dmg"));
safe_browsing::ArchiveAnalyzerResults results;
AnalyzeFile(unsigned_dmg, &results);
EXPECT_TRUE(results.success);
EXPECT_EQ(0u, results.signature_blob.size());
EXPECT_EQ(nullptr, results.signature_blob.data());
}
TEST_F(SandboxedDMGAnalyzerTest, AnalyzeDmgWithSignature) {
base::FilePath signed_dmg;
EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg));
signed_dmg = signed_dmg.AppendASCII("safe_browsing")
.AppendASCII("mach_o")
.AppendASCII("signed-archive.dmg");
safe_browsing::ArchiveAnalyzerResults results;
AnalyzeFile(signed_dmg, &results);
EXPECT_TRUE(results.success);
EXPECT_EQ(2215u, results.signature_blob.size());
base::FilePath signed_dmg_signature;
EXPECT_TRUE(
base::PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg_signature));
signed_dmg_signature = signed_dmg_signature.AppendASCII("safe_browsing")
.AppendASCII("mach_o")
.AppendASCII("signed-archive-signature.data");
std::string from_file;
base::ReadFileToString(signed_dmg_signature, &from_file);
EXPECT_EQ(2215u, from_file.length());
std::string signature(results.signature_blob.begin(),
results.signature_blob.end());
EXPECT_EQ(from_file, signature);
}
TEST_F(SandboxedDMGAnalyzerTest, CanDeleteDuringExecution) {
base::FilePath file_path;
ASSERT_NO_FATAL_FAILURE(file_path = GetFilePath("mach_o_in_dmg.dmg"));
base::FilePath temp_path;
ASSERT_TRUE(base::CreateTemporaryFile(&temp_path));
ASSERT_TRUE(base::CopyFile(file_path, temp_path));
mojo::PendingRemote<chrome::mojom::FileUtilService> remote;
base::RunLoop run_loop;
FakeFileUtilService service(remote.InitWithNewPipeAndPassReceiver());
EXPECT_CALL(service.GetSafeArchiveAnalyzer(), AnalyzeDmgFile(_, _, _))
.WillOnce([&](base::File dmg_file,
mojo::PendingRemote<chrome::mojom::TemporaryFileGetter>,
chrome::mojom::SafeArchiveAnalyzer::AnalyzeDmgFileCallback
callback) {
EXPECT_TRUE(base::DeleteFile(temp_path));
std::move(callback).Run(safe_browsing::ArchiveAnalyzerResults());
run_loop.Quit();
});
std::unique_ptr<SandboxedDMGAnalyzer, base::OnTaskRunnerDeleter> analyzer =
SandboxedDMGAnalyzer::CreateAnalyzer(
temp_path,
safe_browsing::FileTypePolicies::GetInstance()
->GetMaxFileSizeToAnalyze("dmg"),
base::DoNothing(), std::move(remote));
analyzer->Start();
run_loop.Run();
}
TEST_F(SandboxedDMGAnalyzerTest, InvalidPath) {
base::FilePath file_path;
EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &file_path));
file_path = file_path.AppendASCII("does_not_exist");
safe_browsing::ArchiveAnalyzerResults results;
AnalyzeFile(file_path, &results);
EXPECT_FALSE(results.success);
EXPECT_EQ(results.analysis_result,
safe_browsing::ArchiveAnalysisResult::kFailedToOpen);
}
} // namespace