1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <shlobj.h>
6 #include <shobjidl.h>
7
8 #include "content/browser/safe_util_win.h"
9
10 #include "base/files/file_path.h"
11 #include "base/logging.h"
12 #include "base/path_service.h"
13 #include "base/strings/string_util.h"
14 #include "base/strings/utf_string_conversions.h"
15 #include "base/win/scoped_comptr.h"
16 #include "ui/base/win/shell.h"
17 #include "url/gurl.h"
18
19 namespace content {
20 namespace {
21
22 // Sets the Zone Identifier on the file to "Internet" (3). Returns true if the
23 // function succeeds, false otherwise. A failure is expected on system where
24 // the Zone Identifier is not supported, like a machine with a FAT32 filesystem.
25 // This function does not invoke Windows Attachment Execution Services.
26 //
27 // |full_path| is the path to the downloaded file.
SetInternetZoneIdentifierDirectly(const base::FilePath & full_path)28 bool SetInternetZoneIdentifierDirectly(const base::FilePath& full_path) {
29 const DWORD kShare = FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE;
30 std::wstring path = full_path.value() + L":Zone.Identifier";
31 HANDLE file = CreateFile(path.c_str(), GENERIC_WRITE, kShare, NULL,
32 OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
33 if (INVALID_HANDLE_VALUE == file)
34 return false;
35
36 static const char kIdentifier[] = "[ZoneTransfer]\r\nZoneId=3\r\n";
37 // Don't include trailing null in data written.
38 static const DWORD kIdentifierSize = arraysize(kIdentifier) - 1;
39 DWORD written = 0;
40 BOOL result = WriteFile(file, kIdentifier, kIdentifierSize, &written, NULL);
41 BOOL flush_result = FlushFileBuffers(file);
42 CloseHandle(file);
43
44 if (!result || !flush_result || written != kIdentifierSize) {
45 NOTREACHED();
46 return false;
47 }
48
49 return true;
50 }
51
52 } // namespace
53
AVScanFile(const base::FilePath & full_path,const std::string & source_url,const GUID & client_guid)54 HRESULT AVScanFile(const base::FilePath& full_path,
55 const std::string& source_url,
56 const GUID& client_guid) {
57 base::win::ScopedComPtr<IAttachmentExecute> attachment_services;
58 HRESULT hr = attachment_services.CreateInstance(CLSID_AttachmentServices);
59
60 if (FAILED(hr)) {
61 // The thread must have COM initialized.
62 DCHECK_NE(CO_E_NOTINITIALIZED, hr);
63
64 // We don't have Attachment Execution Services, it must be a pre-XP.SP2
65 // Windows installation, or the thread does not have COM initialized. Try to
66 // set the zone information directly. Failure is not considered an error.
67 SetInternetZoneIdentifierDirectly(full_path);
68 return hr;
69 }
70
71 if (!IsEqualGUID(client_guid, GUID_NULL)) {
72 hr = attachment_services->SetClientGuid(client_guid);
73 if (FAILED(hr))
74 return hr;
75 }
76
77 hr = attachment_services->SetLocalPath(full_path.value().c_str());
78 if (FAILED(hr))
79 return hr;
80
81 // Note: SetSource looks like it needs to be called, even if empty.
82 // Docs say it is optional, but it appears not calling it at all sets
83 // a zone that is too restrictive.
84 hr = attachment_services->SetSource(base::UTF8ToWide(source_url).c_str());
85 if (FAILED(hr))
86 return hr;
87
88 // A failure in the Save() call below could result in the downloaded file
89 // being deleted.
90 return attachment_services->Save();
91 }
92
93 } // namespace content
94