Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(211)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/extension_file_util.cc

Issue 10690016: Check zero-length icon files during extension validation. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: icon removed Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/common/extensions/extension_file_util.h ('k') | chrome/common/extensions/extension_file_util_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension_file_util.h" 5 #include "chrome/common/extensions/extension_file_util.h"
6 6
7 #include <map> 7 #include <map>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/file_path.h"
10 #include "base/file_util.h" 11 #include "base/file_util.h"
11 #include "base/json/json_file_value_serializer.h" 12 #include "base/json/json_file_value_serializer.h"
12 #include "base/logging.h" 13 #include "base/logging.h"
13 #include "base/metrics/histogram.h" 14 #include "base/metrics/histogram.h"
14 #include "base/path_service.h" 15 #include "base/path_service.h"
15 #include "base/scoped_temp_dir.h" 16 #include "base/scoped_temp_dir.h"
16 #include "base/stringprintf.h" 17 #include "base/stringprintf.h"
17 #include "base/threading/thread_restrictions.h" 18 #include "base/threading/thread_restrictions.h"
18 #include "base/utf_string_conversions.h" 19 #include "base/utf_string_conversions.h"
19 #include "chrome/common/chrome_constants.h" 20 #include "chrome/common/chrome_constants.h"
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after
213 if (!Extension::ParsePEMKeyBytes(key_contents, &key_bytes)) { 214 if (!Extension::ParsePEMKeyBytes(key_contents, &key_bytes)) {
214 // If we can't parse the key, assume it's ok too. 215 // If we can't parse the key, assume it's ok too.
215 continue; 216 continue;
216 } 217 }
217 218
218 result.push_back(current); 219 result.push_back(current);
219 } 220 }
220 return result; 221 return result;
221 } 222 }
222 223
224 bool ValidateFilePath(const FilePath& path) {
225 int64 size = 0;
226 if (!file_util::PathExists(path) ||
227 !file_util::GetFileSize(path, &size) ||
228 size == 0) {
229 return false;
230 }
231
232 return true;
233 }
234
223 bool ValidateExtension(const Extension* extension, 235 bool ValidateExtension(const Extension* extension,
224 std::string* error, 236 std::string* error,
225 Extension::InstallWarningVector* warnings) { 237 Extension::InstallWarningVector* warnings) {
226 // Validate icons exist. 238 // Validate icons exist.
227 for (ExtensionIconSet::IconMap::const_iterator iter = 239 for (ExtensionIconSet::IconMap::const_iterator iter =
228 extension->icons().map().begin(); 240 extension->icons().map().begin();
229 iter != extension->icons().map().end(); 241 iter != extension->icons().map().end();
230 ++iter) { 242 ++iter) {
231 const FilePath path = extension->GetResource(iter->second).GetFilePath(); 243 const FilePath path = extension->GetResource(iter->second).GetFilePath();
232 if (!file_util::PathExists(path)) { 244 if (!ValidateFilePath(path)) {
233 *error = 245 *error =
234 l10n_util::GetStringFUTF8(IDS_EXTENSION_LOAD_ICON_FAILED, 246 l10n_util::GetStringFUTF8(IDS_EXTENSION_LOAD_ICON_FAILED,
235 UTF8ToUTF16(iter->second)); 247 UTF8ToUTF16(iter->second));
236 return false; 248 return false;
237 } 249 }
238 } 250 }
239 251
240 // Theme resource validation. 252 // Theme resource validation.
241 if (extension->is_theme()) { 253 if (extension->is_theme()) {
242 DictionaryValue* images_value = extension->GetThemeImages(); 254 DictionaryValue* images_value = extension->GetThemeImages();
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
300 const Extension::PluginInfo& plugin = extension->plugins()[i]; 312 const Extension::PluginInfo& plugin = extension->plugins()[i];
301 if (!file_util::PathExists(plugin.path)) { 313 if (!file_util::PathExists(plugin.path)) {
302 *error = 314 *error =
303 l10n_util::GetStringFUTF8( 315 l10n_util::GetStringFUTF8(
304 IDS_EXTENSION_LOAD_PLUGIN_PATH_FAILED, 316 IDS_EXTENSION_LOAD_PLUGIN_PATH_FAILED,
305 plugin.path.LossyDisplayName()); 317 plugin.path.LossyDisplayName());
306 return false; 318 return false;
307 } 319 }
308 } 320 }
309 321
310 // Validate icon location for page actions. 322 // Validate icon location and icon file size for page actions.
311 ExtensionAction* page_action = extension->page_action(); 323 ExtensionAction* page_action = extension->page_action();
312 if (page_action) { 324 if (page_action) {
313 std::vector<std::string> icon_paths(*page_action->icon_paths()); 325 std::vector<std::string> icon_paths(*page_action->icon_paths());
314 if (!page_action->default_icon_path().empty()) 326 if (!page_action->default_icon_path().empty())
315 icon_paths.push_back(page_action->default_icon_path()); 327 icon_paths.push_back(page_action->default_icon_path());
316 for (std::vector<std::string>::iterator iter = icon_paths.begin(); 328 for (std::vector<std::string>::iterator iter = icon_paths.begin();
317 iter != icon_paths.end(); ++iter) { 329 iter != icon_paths.end(); ++iter) {
318 if (!file_util::PathExists(extension->GetResource(*iter).GetFilePath())) { 330 const FilePath path = extension->GetResource(*iter).GetFilePath();
331 if (!ValidateFilePath(path)) {
319 *error = 332 *error =
320 l10n_util::GetStringFUTF8( 333 l10n_util::GetStringFUTF8(
321 IDS_EXTENSION_LOAD_ICON_FOR_PAGE_ACTION_FAILED, 334 IDS_EXTENSION_LOAD_ICON_FOR_PAGE_ACTION_FAILED,
322 UTF8ToUTF16(*iter)); 335 UTF8ToUTF16(*iter));
323 return false; 336 return false;
324 } 337 }
325 } 338 }
326 } 339 }
327 340
328 // Validate icon location for browser actions. 341 // Validate icon location and icon file size for browser actions.
329 // Note: browser actions don't use the icon_paths(). 342 // Note: browser actions don't use the icon_paths().
330 ExtensionAction* browser_action = extension->browser_action(); 343 ExtensionAction* browser_action = extension->browser_action();
331 if (browser_action) { 344 if (browser_action) {
332 std::string path = browser_action->default_icon_path(); 345 std::string path = browser_action->default_icon_path();
333 if (!path.empty() && 346 if (!path.empty()) {
334 !file_util::PathExists(extension->GetResource(path).GetFilePath())) { 347 const FilePath file_path = extension->GetResource(path).GetFilePath();
348 if (!ValidateFilePath(file_path)) {
335 *error = 349 *error =
336 l10n_util::GetStringFUTF8( 350 l10n_util::GetStringFUTF8(
337 IDS_EXTENSION_LOAD_ICON_FOR_BROWSER_ACTION_FAILED, 351 IDS_EXTENSION_LOAD_ICON_FOR_BROWSER_ACTION_FAILED,
338 UTF8ToUTF16(path)); 352 UTF8ToUTF16(path));
339 return false; 353 return false;
354 }
340 } 355 }
341 } 356 }
342 357
343 // Validate that background scripts exist. 358 // Validate that background scripts exist.
344 for (size_t i = 0; i < extension->background_scripts().size(); ++i) { 359 for (size_t i = 0; i < extension->background_scripts().size(); ++i) {
345 if (!file_util::PathExists( 360 if (!file_util::PathExists(
346 extension->GetResource( 361 extension->GetResource(
347 extension->background_scripts()[i]).GetFilePath())) { 362 extension->background_scripts()[i]).GetFilePath())) {
348 *error = l10n_util::GetStringFUTF8( 363 *error = l10n_util::GetStringFUTF8(
349 IDS_EXTENSION_LOAD_BACKGROUND_SCRIPT_FAILED, 364 IDS_EXTENSION_LOAD_BACKGROUND_SCRIPT_FAILED,
(...skipping 422 matching lines...) Expand 10 before | Expand all | Expand 10 after
772 return temp_path; 787 return temp_path;
773 788
774 return FilePath(); 789 return FilePath();
775 } 790 }
776 791
777 void DeleteFile(const FilePath& path, bool recursive) { 792 void DeleteFile(const FilePath& path, bool recursive) {
778 file_util::Delete(path, recursive); 793 file_util::Delete(path, recursive);
779 } 794 }
780 795
781 } // namespace extension_file_util 796 } // namespace extension_file_util
OLDNEW
« no previous file with comments | « chrome/common/extensions/extension_file_util.h ('k') | chrome/common/extensions/extension_file_util_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698