1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/common/safe_browsing/zip_analyzer.h" 6 7 #include "base/logging.h" 8 #include "chrome/common/safe_browsing/download_protection_util.h" 9 #include "third_party/zlib/google/zip_reader.h" 10 11 namespace safe_browsing { 12 namespace zip_analyzer { 13 AnalyzeZipFile(base::File zip_file,Results * results)14void AnalyzeZipFile(base::File zip_file, Results* results) { 15 zip::ZipReader reader; 16 // OpenFromPlatformFile may close the handle even when it fails, but there is 17 // no way to know if it did that or not. Assume it did (that's the common 18 // case). 19 if (!reader.OpenFromPlatformFile(zip_file.TakePlatformFile())) { 20 VLOG(1) << "Failed to open zip file"; 21 return; 22 } 23 24 bool advanced = true; 25 for (; reader.HasMore(); advanced = reader.AdvanceToNextEntry()) { 26 if (!advanced) { 27 VLOG(1) << "Could not advance to next entry, aborting zip scan."; 28 return; 29 } 30 if (!reader.OpenCurrentEntryInZip()) { 31 VLOG(1) << "Failed to open current entry in zip file"; 32 continue; 33 } 34 const base::FilePath& file = reader.current_entry_info()->file_path(); 35 if (download_protection_util::IsBinaryFile(file)) { 36 // Don't consider an archived archive to be executable, but record 37 // a histogram. 38 if (download_protection_util::IsArchiveFile(file)) { 39 results->has_archive = true; 40 } else { 41 VLOG(2) << "Downloaded a zipped executable: " << file.value(); 42 results->has_executable = true; 43 break; 44 } 45 } else { 46 VLOG(3) << "Ignoring non-binary file: " << file.value(); 47 } 48 } 49 results->success = true; 50 } 51 52 } // namespace zip_analyzer 53 } // namespace safe_browsing 54