Skip to content

Instantly share code, notes, and snippets.

@fmarier
Created March 10, 2023 23:27
Show Gist options
  • Save fmarier/cc5354779141cc47c1f2cfbc6f4c0109 to your computer and use it in GitHub Desktop.
Save fmarier/cc5354779141cc47c1f2cfbc6f4c0109 to your computer and use it in GitHub Desktop.
Debugging statements to help figure out why downloads are blocked by Safe Browsing in Chromium
diff --git a/chrome/browser/download/chrome_download_manager_delegate.cc b/chrome/browser/download/chrome_download_manager_delegate.cc
index 45115ca156fbd4525eab6c380afb7b3dbe8b7d6c..2b665d06aaf4e237206136dcf8a259b5505cdbaa 100644
--- a/chrome/browser/download/chrome_download_manager_delegate.cc
+++ b/chrome/browser/download/chrome_download_manager_delegate.cc
@@ -1348,10 +1348,14 @@ void ChromeDownloadManagerDelegate::CheckClientDownloadDone(
}
DCHECK_NE(danger_type,
download::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT);
+ // https://source.chromium.org/chromium/chromium/src/+/main:components/safe_browsing/core/browser/download_check_result.h;l=12;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88
+ // https://source.chromium.org/chromium/chromium/src/+/main:components/download/public/common/download_danger_type.h;l=17;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88
+ LOG(ERROR) << "DownloadCheckResult=" << static_cast<int>(result) << "; DownloadDangerType=" << static_cast<int>(danger_type);
if (item->GetState() == DownloadItem::COMPLETE &&
item->GetDangerType() ==
download::DOWNLOAD_DANGER_TYPE_ASYNC_SCANNING) {
+
// If the file was opened during async scanning, we override the danger
// type, since the user can no longer discard the download.
if (danger_type != download::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) {
diff --git a/chrome/browser/safe_browsing/download_protection/check_client_download_request_base.cc b/chrome/browser/safe_browsing/download_protection/check_client_download_request_base.cc
index 13082da72153735915d398e6c3e0f9ba0aaaa688..6ae649a42c2dfea622321c541ca107d76e5bde23 100644
--- a/chrome/browser/safe_browsing/download_protection/check_client_download_request_base.cc
+++ b/chrome/browser/safe_browsing/download_protection/check_client_download_request_base.cc
@@ -144,7 +144,9 @@ void CheckClientDownloadRequestBase::FinishRequest(
DownloadCheckResult result,
DownloadCheckResultReason reason) {
DCHECK_CURRENTLY_ON(BrowserThread::UI);
-
+ // https://source.chromium.org/chromium/chromium/src/+/main:components/safe_browsing/core/browser/download_check_result.h;l=12;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88
+ // https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/safe_browsing/download_protection/download_protection_util.h;l=21;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88
+ LOG(ERROR) << "DownloadCheckResult=" << static_cast<unsigned int>(result) << "; DownloadCheckResultReason=" << static_cast<unsigned int>(reason);
if (!request_start_time_.is_null()) {
base::UmaHistogramEnumeration(
"SBClientDownload.DownloadRequestNetworkStats", reason, REASON_MAX);
diff --git a/chrome/browser/safe_browsing/download_protection/download_url_sb_client.cc b/chrome/browser/safe_browsing/download_protection/download_url_sb_client.cc
index 4853ec562daaa3c04a370797abbccce7e666ff9d..2f1bba00fcafd8c02ae531526973c97bbc148ed8 100644
--- a/chrome/browser/safe_browsing/download_protection/download_url_sb_client.cc
+++ b/chrome/browser/safe_browsing/download_protection/download_url_sb_client.cc
@@ -89,6 +89,8 @@ void DownloadUrlSBClient::CheckDone(SBThreatType threat_type) {
DownloadCheckResult result = IsDangerous(threat_type)
? DownloadCheckResult::DANGEROUS
: DownloadCheckResult::SAFE;
+ // https://source.chromium.org/chromium/chromium/src/+/main:components/safe_browsing/core/browser/db/v4_protocol_manager_util.h;l=122;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88?q=SBThreatType&ss=chromium%2Fchromium%2Fsrc
+ LOG(ERROR) << "SBThreatType=" << threat_type;
UpdateDownloadCheckStats(total_type_);
if (threat_type != SB_THREAT_TYPE_SAFE) {
UpdateDownloadCheckStats(dangerous_type_);
diff --git a/components/safe_browsing/core/browser/db/v4_local_database_manager.cc b/components/safe_browsing/core/browser/db/v4_local_database_manager.cc
index 07fa2b8e12a4575aa56b5b83fb06f6886f06badd..84b38acca6ec6c6790c8f80122de31bfd8f12015 100644
--- a/components/safe_browsing/core/browser/db/v4_local_database_manager.cc
+++ b/components/safe_browsing/core/browser/db/v4_local_database_manager.cc
@@ -24,6 +24,7 @@
#include "base/strings/strcat.h"
#include "base/strings/string_piece.h"
#include "base/strings/string_tokenizer.h"
+#include "base/strings/stringprintf.h"
#include "base/task/sequenced_task_runner.h"
#include "base/task/thread_pool.h"
#include "build/branding_buildflags.h"
@@ -801,6 +802,12 @@ void V4LocalDatabaseManager::GetSeverestThreatTypeAndMetadata(
DCHECK(it != full_hashes.end());
(*full_hash_threat_types)[it - full_hashes.begin()] = threat_type;
+ std::string hex_string;
+ for (auto const& c : fhi.full_hash) {
+ hex_string += base::StringPrintf("%02x", static_cast<unsigned char>(c));
+ }
+ // https://source.chromium.org/chromium/chromium/src/+/main:components/safe_browsing/core/browser/db/v4_protocol_manager_util.h;l=122;drc=e94294450e2ac29ad5ce1f3c2be745abe71d7d88
+ LOG(ERROR) << "-> " << hex_string << " = (ThreatSeverity=" << severity << ", SBThreatType=" << threat_type << ")";
if (severity < most_severe_yet) {
most_severe_yet = severity;
*most_severe_threat_type = threat_type;
diff --git a/components/safe_browsing/core/browser/db/v4_protocol_manager_util.cc b/components/safe_browsing/core/browser/db/v4_protocol_manager_util.cc
index ed25c3e42a321d41e12b7406b38afb9cab55321f..56668967d1c1f3f3f1e59d7b1bb9b7374c28b53f 100644
--- a/components/safe_browsing/core/browser/db/v4_protocol_manager_util.cc
+++ b/components/safe_browsing/core/browser/db/v4_protocol_manager_util.cc
@@ -339,6 +339,8 @@ void V4ProtocolManagerUtil::UrlToFullHashes(
std::string canon_host, canon_path, canon_query;
CanonicalizeUrl(url, &canon_host, &canon_path, &canon_query);
+ LOG(ERROR) << "URL " << url << ":";
+
std::vector<std::string> hosts;
if (url.HostIsIPAddress()) {
hosts.push_back(url.host());
@@ -352,7 +354,13 @@ void V4ProtocolManagerUtil::UrlToFullHashes(
full_hashes->reserve(full_hashes->size() + hosts.size() * paths.size());
for (const std::string& host : hosts) {
for (const std::string& path : paths) {
- full_hashes->push_back(crypto::SHA256HashString(host + path));
+ auto hash = crypto::SHA256HashString(host + path);
+ std::string hex_string;
+ for (auto const& c : hash) {
+ hex_string += base::StringPrintf("%02x", static_cast<unsigned char>(c));
+ }
+ LOG(ERROR) << " " << host << path << "=" << hex_string;
+ full_hashes->push_back(hash);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment