1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/safe_browsing/environment_data_collection_win.h"
10 #include "base/i18n/case_conversion.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "chrome/browser/install_verification/win/module_info.h"
14 #include "chrome/browser/install_verification/win/module_verification_common.h"
15 #include "chrome/browser/net/service_providers_win.h"
16 #include "chrome/browser/safe_browsing/path_sanitizer.h"
17 #include "chrome/common/safe_browsing/csd.pb.h"
19 namespace safe_browsing {
23 // Helper function for expanding all environment variables in |path|.
24 std::wstring ExpandEnvironmentVariables(const std::wstring& path) {
25 static const DWORD kMaxBuffer = 32 * 1024; // Max according to MSDN.
26 std::wstring path_expanded;
27 DWORD path_len = MAX_PATH;
29 DWORD result = ExpandEnvironmentStrings(
30 path.c_str(), WriteInto(&path_expanded, path_len), path_len);
32 // Failed to expand variables. Return the original string.
36 if (result <= path_len)
37 return path_expanded.substr(0, result - 1);
39 } while (path_len < kMaxBuffer);
46 bool CollectDlls(ClientIncidentReport_EnvironmentData_Process* process) {
47 // Retrieve the module list.
48 std::set<ModuleInfo> loaded_modules;
49 if (!GetLoadedModules(&loaded_modules))
52 // Sanitize path of each module and add it to the incident report.
53 PathSanitizer path_sanitizer;
54 for (std::set<ModuleInfo>::const_iterator it = loaded_modules.begin();
55 it != loaded_modules.end();
57 base::FilePath dll_path(it->name);
58 path_sanitizer.StripHomeDirectory(&dll_path);
60 ClientIncidentReport_EnvironmentData_Process_Dll* dll = process->add_dll();
61 dll->set_path(base::WideToUTF8(base::i18n::ToLower(dll_path.value())));
62 dll->set_base_address(it->base_address);
63 dll->set_length(it->size);
69 void RecordLspFeature(ClientIncidentReport_EnvironmentData_Process* process) {
70 WinsockLayeredServiceProviderList lsp_list;
71 GetWinsockLayeredServiceProviders(&lsp_list);
73 // For each LSP, we extract and sanitize the path.
74 PathSanitizer path_sanitizer;
75 std::set<std::wstring> lsp_paths;
76 for (size_t i = 0; i < lsp_list.size(); ++i) {
77 base::FilePath lsp_path(ExpandEnvironmentVariables(lsp_list[i].path));
78 path_sanitizer.StripHomeDirectory(&lsp_path);
79 lsp_paths.insert(base::i18n::ToLower(lsp_path.value()));
82 // Look for a match between LSPs and loaded dlls.
83 for (int i = 0; i < process->dll_size(); ++i) {
84 if (lsp_paths.count(base::UTF8ToWide(process->dll(i).path()))) {
85 process->mutable_dll(i)
86 ->add_feature(ClientIncidentReport_EnvironmentData_Process_Dll::LSP);
91 void CollectPlatformProcessData(
92 ClientIncidentReport_EnvironmentData_Process* process) {
94 RecordLspFeature(process);
97 } // namespace safe_browsing