nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1485180 - Instrument invalid download protection hashes. r=dimi

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D3941

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Francois Marier 2018-08-24 09:50:16 +00:00
parent 300dbd787f
commit cd457cfc82
2 changed files with 28 additions and 0 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

18
toolkit/components/reputationservice/ApplicationReputation.cpp
View file

@ -1466,6 +1466,24 @@ PendingLookup::SendRemoteQueryInternal()
"[this = %p]", this));
}
// Look for truncated hashes (see bug 1190020)
const auto originalHashLength = sha256Hash.Length();
if (originalHashLength == 0) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::OriginalHashEmpty);
} else if (originalHashLength < 32) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::OriginalHashTooShort);
} else if (originalHashLength > 32) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::OriginalHashTooLong);
} else if (!mRequest.has_digests()) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::MissingDigest);
} else if (!mRequest.digests().has_sha256()) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::MissingSha256);
} else if (mRequest.digests().sha256().size() != originalHashLength) {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::InvalidSha256);
} else {
AccumulateCategorical(mozilla::Telemetry::LABELS_APPLICATION_REPUTATION_HASH_LENGTH::ValidHash);
}
// Serialize the protocol buffer to a string. This can only fail if we are
// out of memory, or if the protocol buffer req is missing required fields
// (only the URL for now).

10
toolkit/components/telemetry/Histograms.json
View file

@ -108,6 +108,16 @@
"labels": ["OtherBinaryFile", "DmgFile", "RarFile", "ZipFile"],
"description": "Whether a binary file examined by download protection is one of the common archive formats."
},
"APPLICATION_REPUTATION_HASH_LENGTH": {
"record_in_processes": ["main", "content"],
"alert_emails": ["francois@mozilla.com", "safebrowsing-telemetry@mozilla.org"],
"bug_numbers": [1485180],
"expires_in_version": "69",
"releaseChannelCollection": "opt-out",
"kind": "categorical",
"labels": ["ValidHash", "OriginalHashEmpty", "OriginalHashTooShort", "OriginalHashTooLong", "MissingDigest", "MissingSha256", "InvalidSha256"],
"description": "Whether the hash included in application reputation lookups is valid or broken in some way."
},
"APPLICATION_REPUTATION_SHOULD_BLOCK": {
"record_in_processes": ["main", "content"],
"alert_emails": ["francois@mozilla.com", "safebrowsing-telemetry@mozilla.org"],