28ada6ea8b
* chore: bump chromium in DEPS to 99.0.4819.0
* chore: update patches
* chore: bump chromium in DEPS to 99.0.4824.0
* chore: update patches
* chore: bump chromium in DEPS to 99.0.4827.0
* chore: update patches
* 3352511: PiP: Add inkdrop and pointer cursor to PiP window buttons
https://chromium-review.googlesource.com/c/chromium/src/+/3352511
* 3309164: webhid: Show FIDO devices in the chooser if allowed
https://chromium-review.googlesource.com/c/chromium/src/+/3309164
* 3297868: hid: Add experimental HIDDevice.forget()
https://chromium-review.googlesource.com/c/chromium/src/+/3297868
* 3362491: [Extensions] Move i18n API to //extensions
https://chromium-review.googlesource.com/c/chromium/src/+/3362491
* MCC Refactor step0: Allow embedders to register associated_interface binders with RenderFrameHostImpl::associated_registry_.
https://chromium-review.googlesource.com/c/chromium/src/+/3281481
* 3352616: [Gtk] Remove libgtk from the link-line
https://chromium-review.googlesource.com/c/chromium/src/+/3352616
* 3249211: Clear-Site-Data support for partitioned cookies
https://chromium-review.googlesource.com/c/chromium/src/+/3249211
* [Extensions][COIL] Use [allow|block]list in //extensions/common
https://chromium-review.googlesource.com/c/chromium/src/+/3372668
* Begin ScopedUserPrefUpdate migration to modern base::Value
https://chromium-review.googlesource.com/c/chromium/src/+/3376154
* [Code Health] Refactor PrefService GetDict + GetList to use base::Value
https://chromium-review.googlesource.com/c/chromium/src/+/3343526
* 3354997: [CodeHealth] Remove deprecated SetDictionary method
https://chromium-review.googlesource.com/c/chromium/src/+/3354997
* 3287323: Add LacrosPrefStore for lacros settings
https://chromium-review.googlesource.com/c/chromium/src/+/3287323
* 3365916: [PA] Clean up remaining lazy commit code
https://chromium-review.googlesource.com/c/chromium/src/+/3365916
* [MPArch] Target the external protocol error at the responsible frame.
https://chromium-review.googlesource.com/c/chromium/src/+/3011560
* Pass origin to RegisterNonNetworkSubresourceURLLoaderFactories
https://chromium-review.googlesource.com/c/chromium/src/+/3350608
* Linux: Send OSCrypt raw encryption key to the Network Service
https://chromium-review.googlesource.com/c/chromium/src/+/3320484
* [PlzServiceWorker] Remove remaining references to PlzServiceWorker.
https://chromium-review.googlesource.com/c/chromium/src/+/3359441
* chore: fixup for lint
* 3327621: Fix tablet mode detection for Win 11.
https://chromium-review.googlesource.com/c/chromium/src/+/3327621
* 3342428: ax_mac: move AXTextMarker conversion utils under ui umbrella
https://chromium-review.googlesource.com/c/chromium/src/+/3342428
* 3353974: Mac: Use base::Feature for overlay features
https://chromium-review.googlesource.com/c/chromium/src/+/3353974
* chore: bump chromium in DEPS to 99.0.4828.0
* chore: update patches
* chore: bump chromium in DEPS to 99.0.4837.0
* chore: update patches
* chore: update patches
* 3379142: Drop FALLTHROUGH macro
Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3379142
* 3381749: C++17: Allow use of std::map::try_emplace and std::map::insert_or_assign
Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3381749
* chore: bump chromium in DEPS to 99.0.4839.0
* chore: update patches
* chore: bump chromium in DEPS to 99.0.4840.0
* chore: bump chromium in DEPS to 99.0.4844.0
* 3395881: [api] Deprecate Local<v8::Context> v8::Object::CreationContext()
Ref: https://chromium-review.googlesource.com/c/v8/v8/+/3395881
* chore: update patches
* chore: bump chromium in DEPS to 100.0.4845.0
* chore: update patches
* chore: bump chromium in DEPS to 100.0.4847.0
* chore: update patches
* chore: bump chromium in DEPS to 100.0.4849.0
* chore: update patches
* chore: bump chromium in DEPS to 100.0.4851.0
* chore: bump chromium in DEPS to 100.0.4853.0
* update patches
* chore: update patches
* update patches
* 3383599: Fonts Access: Remove prototype that uses a font picker.
https://chromium-review.googlesource.com/c/chromium/src/+/3383599
* 3404768: Remove ALLOW_UNUSED macros
https://chromium-review.googlesource.com/c/chromium/src/+/3404768
* 3374762: Remove ignore_result.h
https://chromium-review.googlesource.com/c/chromium/src/+/3374762
* 3399305: [unseasoned-pdf] Apply proper frame offsets for touch selections
https://chromium-review.googlesource.com/c/chromium/src/+/3399305
* 3402210: [Extensions] Don't trigger unload event for already unloaded extension
https://chromium-review.googlesource.com/c/chromium/src/+/3402210
* 3410912: Combine URLLoaderClient OnReceiveResponse and OnStartLoadingResponseBody.
https://chromium-review.googlesource.com/c/chromium/src/+/3410912
* 3370428: Make the AuthSchemes policy support dynamic refresh
https://chromium-review.googlesource.com/c/chromium/src/+/3370428
* 3407603: Finish ScopedUserPrefUpdate migration to modern base::Value
https://chromium-review.googlesource.com/c/chromium/src/+/3407603
* 3378352: ozone/x11: move code from //ui/p/x11 to //ui/ozone/p/x11
https://chromium-review.googlesource.com/c/chromium/src/+/3378352
* 3370810: Delete chrome/service, AKA the Cloud Print service process.
https://chromium-review.googlesource.com/c/chromium/src/+/3370810
* chore: bump chromium in DEPS to 100.0.4855.0
* chore: update patches
* fixup! 3370810: Delete chrome/service, AKA the Cloud Print service process.
* revert 3348007 to fix windows build
* 3318572: [Code health] Fix gn check errors in //extensions/browser:*
https://chromium-review.googlesource.com/c/chromium/src/+/3318572
* fix printing.patch
* fix iwyu issue
* 3408515: win: Make ShorcutOperation an enum class and modernize names
https://chromium-review.googlesource.com/c/chromium/src/+/3408515
* 3388333: [UIA] Remove dead code accessibility_misc_utils.h/cc
https://chromium-review.googlesource.com/c/chromium/src/+/3388333
* fix windows build? i hope
* patch gn visibility of //ui/ozone/platform/x11
* missing include base/logging.h
* use BUILDFLAG for USE_NSS_CERTS
https://chromium-review.googlesource.com/c/chromium/src/+/3379123
* defined(OS_*) ==> BUILDFLAG(IS_*)
https://bugs.chromium.org/p/chromium/issues/detail?id=1234043
* fixup! 3404768: Remove ALLOW_UNUSED macros
* another attempt to fix windows build
* temporarily disable the custom scheme service worker test
https://github.com/electron/electron/issues/32664
* fix loading mv3 extensions
not sure what cl broke this unfort.
* fixup! 3404768: Remove ALLOW_UNUSED macros
* patch nan
https://chromium-review.googlesource.com/c/v8/v8/+/3395880
* fix node test
* fix nullptr in FindPdfFrame
* patch perfetto to fix build issue on win-ia32
bc44c3c753
* fix build for linux-x64-testing-no-run-as-node
* fix patch
* skip <webview>.capturePage() test
https://github.com/electron/electron/issues/32705
* test: fix failing tests of focus/blur events of WebContents (#32711)
* inherit stdio from app module test child processes
this prevents them from timing out due to full stdout buffers
* test to see if we can get better logs on windows ci
* try again for appveyor log things
* skip contentTracing tests on ia32
* ci: disable gpu compositing
* drop applied patch
* fix merge fail
* Revert "ci: disable gpu compositing"
This reverts commit 0344129fcb19ea3e87e06c1110d751f22eba3fec.
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Co-authored-by: John Kleinschmidt <jkleinsc@github.com>
Co-authored-by: VerteDinde <khammond@slack-corp.com>
Co-authored-by: VerteDinde <vertedinde@electronjs.org>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: Jeremy Rose <nornagon@nornagon.net>
Co-authored-by: Cheng Zhao <zcbenz@gmail.com>
Co-authored-by: deepak1556 <hop2deep@gmail.com>
419 lines
12 KiB
C++
419 lines
12 KiB
C++
// Copyright (c) 2014 GitHub, Inc.
|
|
// Use of this source code is governed by the MIT license that can be
|
|
// found in the LICENSE file.
|
|
|
|
#include "shell/common/asar/archive.h"
|
|
|
|
#include <string>
|
|
#include <utility>
|
|
#include <vector>
|
|
|
|
#include "base/check.h"
|
|
#include "base/files/file.h"
|
|
#include "base/files/file_util.h"
|
|
#include "base/json/json_reader.h"
|
|
#include "base/logging.h"
|
|
#include "base/pickle.h"
|
|
#include "base/strings/string_number_conversions.h"
|
|
#include "base/task/post_task.h"
|
|
#include "base/threading/thread_restrictions.h"
|
|
#include "base/values.h"
|
|
#include "electron/fuses.h"
|
|
#include "shell/common/asar/asar_util.h"
|
|
#include "shell/common/asar/scoped_temporary_file.h"
|
|
|
|
#if BUILDFLAG(IS_WIN)
|
|
#include <io.h>
|
|
#endif
|
|
|
|
namespace asar {
|
|
|
|
namespace {
|
|
|
|
#if BUILDFLAG(IS_WIN)
|
|
const char kSeparators[] = "\\/";
|
|
#else
|
|
const char kSeparators[] = "/";
|
|
#endif
|
|
|
|
bool GetNodeFromPath(std::string path,
|
|
const base::DictionaryValue* root,
|
|
const base::DictionaryValue** out);
|
|
|
|
// Gets the "files" from "dir".
|
|
bool GetFilesNode(const base::DictionaryValue* root,
|
|
const base::DictionaryValue* dir,
|
|
const base::DictionaryValue** out) {
|
|
// Test for symbol linked directory.
|
|
const std::string* link = dir->FindStringKey("link");
|
|
if (link != nullptr) {
|
|
const base::DictionaryValue* linked_node = nullptr;
|
|
if (!GetNodeFromPath(*link, root, &linked_node))
|
|
return false;
|
|
dir = linked_node;
|
|
}
|
|
|
|
return dir->GetDictionaryWithoutPathExpansion("files", out);
|
|
}
|
|
|
|
// Gets sub-file "name" from "dir".
|
|
bool GetChildNode(const base::DictionaryValue* root,
|
|
const std::string& name,
|
|
const base::DictionaryValue* dir,
|
|
const base::DictionaryValue** out) {
|
|
if (name.empty()) {
|
|
*out = root;
|
|
return true;
|
|
}
|
|
|
|
const base::DictionaryValue* files = nullptr;
|
|
return GetFilesNode(root, dir, &files) &&
|
|
files->GetDictionaryWithoutPathExpansion(name, out);
|
|
}
|
|
|
|
// Gets the node of "path" from "root".
|
|
bool GetNodeFromPath(std::string path,
|
|
const base::DictionaryValue* root,
|
|
const base::DictionaryValue** out) {
|
|
if (path.empty()) {
|
|
*out = root;
|
|
return true;
|
|
}
|
|
|
|
const base::DictionaryValue* dir = root;
|
|
for (size_t delimiter_position = path.find_first_of(kSeparators);
|
|
delimiter_position != std::string::npos;
|
|
delimiter_position = path.find_first_of(kSeparators)) {
|
|
const base::DictionaryValue* child = nullptr;
|
|
if (!GetChildNode(root, path.substr(0, delimiter_position), dir, &child))
|
|
return false;
|
|
|
|
dir = child;
|
|
path.erase(0, delimiter_position + 1);
|
|
}
|
|
|
|
return GetChildNode(root, path, dir, out);
|
|
}
|
|
|
|
bool FillFileInfoWithNode(Archive::FileInfo* info,
|
|
uint32_t header_size,
|
|
bool load_integrity,
|
|
const base::DictionaryValue* node) {
|
|
if (auto size = node->FindIntKey("size")) {
|
|
info->size = static_cast<uint32_t>(size.value());
|
|
} else {
|
|
return false;
|
|
}
|
|
|
|
if (auto unpacked = node->FindBoolKey("unpacked")) {
|
|
info->unpacked = unpacked.value();
|
|
if (info->unpacked) {
|
|
return true;
|
|
}
|
|
}
|
|
|
|
auto* offset = node->FindStringKey("offset");
|
|
if (offset &&
|
|
base::StringToUint64(base::StringPiece(*offset), &info->offset)) {
|
|
info->offset += header_size;
|
|
} else {
|
|
return false;
|
|
}
|
|
|
|
if (auto executable = node->FindBoolKey("executable")) {
|
|
info->executable = executable.value();
|
|
}
|
|
|
|
#if BUILDFLAG(IS_MAC)
|
|
if (load_integrity &&
|
|
electron::fuses::IsEmbeddedAsarIntegrityValidationEnabled()) {
|
|
if (auto* integrity = node->FindDictKey("integrity")) {
|
|
auto* algorithm = integrity->FindStringKey("algorithm");
|
|
auto* hash = integrity->FindStringKey("hash");
|
|
auto block_size = integrity->FindIntKey("blockSize");
|
|
auto* blocks = integrity->FindListKey("blocks");
|
|
|
|
if (algorithm && hash && block_size && block_size > 0 && blocks) {
|
|
IntegrityPayload integrity_payload;
|
|
integrity_payload.hash = *hash;
|
|
integrity_payload.block_size =
|
|
static_cast<uint32_t>(block_size.value());
|
|
for (auto& value : blocks->GetList()) {
|
|
if (auto* block = value.GetIfString()) {
|
|
integrity_payload.blocks.push_back(*block);
|
|
} else {
|
|
LOG(FATAL)
|
|
<< "Invalid block integrity value for file in ASAR archive";
|
|
}
|
|
}
|
|
if (*algorithm == "SHA256") {
|
|
integrity_payload.algorithm = HashAlgorithm::SHA256;
|
|
info->integrity = std::move(integrity_payload);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!info->integrity.has_value()) {
|
|
LOG(FATAL) << "Failed to read integrity for file in ASAR archive";
|
|
return false;
|
|
}
|
|
}
|
|
#endif
|
|
|
|
return true;
|
|
}
|
|
|
|
} // namespace
|
|
|
|
IntegrityPayload::IntegrityPayload()
|
|
: algorithm(HashAlgorithm::NONE), block_size(0) {}
|
|
IntegrityPayload::~IntegrityPayload() = default;
|
|
IntegrityPayload::IntegrityPayload(const IntegrityPayload& other) = default;
|
|
|
|
Archive::FileInfo::FileInfo()
|
|
: unpacked(false), executable(false), size(0), offset(0) {}
|
|
Archive::FileInfo::~FileInfo() = default;
|
|
|
|
Archive::Archive(const base::FilePath& path)
|
|
: initialized_(false), path_(path), file_(base::File::FILE_OK) {
|
|
base::ThreadRestrictions::ScopedAllowIO allow_io;
|
|
file_.Initialize(path_, base::File::FLAG_OPEN | base::File::FLAG_READ);
|
|
#if BUILDFLAG(IS_WIN)
|
|
fd_ = _open_osfhandle(reinterpret_cast<intptr_t>(file_.GetPlatformFile()), 0);
|
|
#elif BUILDFLAG(IS_POSIX)
|
|
fd_ = file_.GetPlatformFile();
|
|
#endif
|
|
}
|
|
|
|
Archive::~Archive() {
|
|
#if BUILDFLAG(IS_WIN)
|
|
if (fd_ != -1) {
|
|
_close(fd_);
|
|
// Don't close the handle since we already closed the fd.
|
|
file_.TakePlatformFile();
|
|
}
|
|
#endif
|
|
base::ThreadRestrictions::ScopedAllowIO allow_io;
|
|
file_.Close();
|
|
}
|
|
|
|
bool Archive::Init() {
|
|
// Should only be initialized once
|
|
CHECK(!initialized_);
|
|
initialized_ = true;
|
|
|
|
if (!file_.IsValid()) {
|
|
if (file_.error_details() != base::File::FILE_ERROR_NOT_FOUND) {
|
|
LOG(WARNING) << "Opening " << path_.value() << ": "
|
|
<< base::File::ErrorToString(file_.error_details());
|
|
}
|
|
return false;
|
|
}
|
|
|
|
std::vector<char> buf;
|
|
int len;
|
|
|
|
buf.resize(8);
|
|
{
|
|
base::ThreadRestrictions::ScopedAllowIO allow_io;
|
|
len = file_.ReadAtCurrentPos(buf.data(), buf.size());
|
|
}
|
|
if (len != static_cast<int>(buf.size())) {
|
|
PLOG(ERROR) << "Failed to read header size from " << path_.value();
|
|
return false;
|
|
}
|
|
|
|
uint32_t size;
|
|
if (!base::PickleIterator(base::Pickle(buf.data(), buf.size()))
|
|
.ReadUInt32(&size)) {
|
|
LOG(ERROR) << "Failed to parse header size from " << path_.value();
|
|
return false;
|
|
}
|
|
|
|
buf.resize(size);
|
|
{
|
|
base::ThreadRestrictions::ScopedAllowIO allow_io;
|
|
len = file_.ReadAtCurrentPos(buf.data(), buf.size());
|
|
}
|
|
if (len != static_cast<int>(buf.size())) {
|
|
PLOG(ERROR) << "Failed to read header from " << path_.value();
|
|
return false;
|
|
}
|
|
|
|
std::string header;
|
|
if (!base::PickleIterator(base::Pickle(buf.data(), buf.size()))
|
|
.ReadString(&header)) {
|
|
LOG(ERROR) << "Failed to parse header from " << path_.value();
|
|
return false;
|
|
}
|
|
|
|
#if BUILDFLAG(IS_MAC)
|
|
// Validate header signature if required and possible
|
|
if (electron::fuses::IsEmbeddedAsarIntegrityValidationEnabled() &&
|
|
RelativePath().has_value()) {
|
|
absl::optional<IntegrityPayload> integrity = HeaderIntegrity();
|
|
if (!integrity.has_value()) {
|
|
LOG(FATAL) << "Failed to get integrity for validatable asar archive: "
|
|
<< RelativePath().value();
|
|
return false;
|
|
}
|
|
|
|
// Currently we only support the sha256 algorithm, we can add support for
|
|
// more below ensure we read them in preference order from most secure to
|
|
// least
|
|
if (integrity.value().algorithm != HashAlgorithm::NONE) {
|
|
ValidateIntegrityOrDie(header.c_str(), header.length(),
|
|
integrity.value());
|
|
} else {
|
|
LOG(FATAL) << "No eligible hash for validatable asar archive: "
|
|
<< RelativePath().value();
|
|
}
|
|
|
|
header_validated_ = true;
|
|
}
|
|
#endif
|
|
|
|
absl::optional<base::Value> value = base::JSONReader::Read(header);
|
|
if (!value || !value->is_dict()) {
|
|
LOG(ERROR) << "Failed to parse header";
|
|
return false;
|
|
}
|
|
|
|
header_size_ = 8 + size;
|
|
header_ = base::DictionaryValue::From(
|
|
base::Value::ToUniquePtrValue(std::move(*value)));
|
|
return true;
|
|
}
|
|
|
|
#if !BUILDFLAG(IS_MAC)
|
|
absl::optional<IntegrityPayload> Archive::HeaderIntegrity() const {
|
|
return absl::nullopt;
|
|
}
|
|
|
|
absl::optional<base::FilePath> Archive::RelativePath() const {
|
|
return absl::nullopt;
|
|
}
|
|
#endif
|
|
|
|
bool Archive::GetFileInfo(const base::FilePath& path, FileInfo* info) const {
|
|
if (!header_)
|
|
return false;
|
|
|
|
const base::DictionaryValue* node;
|
|
if (!GetNodeFromPath(path.AsUTF8Unsafe(), header_.get(), &node))
|
|
return false;
|
|
|
|
std::string link;
|
|
if (node->GetString("link", &link))
|
|
return GetFileInfo(base::FilePath::FromUTF8Unsafe(link), info);
|
|
|
|
return FillFileInfoWithNode(info, header_size_, header_validated_, node);
|
|
}
|
|
|
|
bool Archive::Stat(const base::FilePath& path, Stats* stats) const {
|
|
if (!header_)
|
|
return false;
|
|
|
|
const base::DictionaryValue* node;
|
|
if (!GetNodeFromPath(path.AsUTF8Unsafe(), header_.get(), &node))
|
|
return false;
|
|
|
|
if (node->FindKey("link")) {
|
|
stats->is_file = false;
|
|
stats->is_link = true;
|
|
return true;
|
|
}
|
|
|
|
if (node->FindKey("files")) {
|
|
stats->is_file = false;
|
|
stats->is_directory = true;
|
|
return true;
|
|
}
|
|
|
|
return FillFileInfoWithNode(stats, header_size_, header_validated_, node);
|
|
}
|
|
|
|
bool Archive::Readdir(const base::FilePath& path,
|
|
std::vector<base::FilePath>* files) const {
|
|
if (!header_)
|
|
return false;
|
|
|
|
const base::DictionaryValue* node;
|
|
if (!GetNodeFromPath(path.AsUTF8Unsafe(), header_.get(), &node))
|
|
return false;
|
|
|
|
const base::DictionaryValue* files_node;
|
|
if (!GetFilesNode(header_.get(), node, &files_node))
|
|
return false;
|
|
|
|
base::DictionaryValue::Iterator iter(*files_node);
|
|
while (!iter.IsAtEnd()) {
|
|
files->push_back(base::FilePath::FromUTF8Unsafe(iter.key()));
|
|
iter.Advance();
|
|
}
|
|
return true;
|
|
}
|
|
|
|
bool Archive::Realpath(const base::FilePath& path,
|
|
base::FilePath* realpath) const {
|
|
if (!header_)
|
|
return false;
|
|
|
|
const base::DictionaryValue* node;
|
|
if (!GetNodeFromPath(path.AsUTF8Unsafe(), header_.get(), &node))
|
|
return false;
|
|
|
|
std::string link;
|
|
if (node->GetString("link", &link)) {
|
|
*realpath = base::FilePath::FromUTF8Unsafe(link);
|
|
return true;
|
|
}
|
|
|
|
*realpath = path;
|
|
return true;
|
|
}
|
|
|
|
bool Archive::CopyFileOut(const base::FilePath& path, base::FilePath* out) {
|
|
if (!header_)
|
|
return false;
|
|
|
|
base::AutoLock auto_lock(external_files_lock_);
|
|
|
|
auto it = external_files_.find(path.value());
|
|
if (it != external_files_.end()) {
|
|
*out = it->second->path();
|
|
return true;
|
|
}
|
|
|
|
FileInfo info;
|
|
if (!GetFileInfo(path, &info))
|
|
return false;
|
|
|
|
if (info.unpacked) {
|
|
*out = path_.AddExtension(FILE_PATH_LITERAL("unpacked")).Append(path);
|
|
return true;
|
|
}
|
|
|
|
auto temp_file = std::make_unique<ScopedTemporaryFile>();
|
|
base::FilePath::StringType ext = path.Extension();
|
|
if (!temp_file->InitFromFile(&file_, ext, info.offset, info.size,
|
|
info.integrity))
|
|
return false;
|
|
|
|
#if BUILDFLAG(IS_POSIX)
|
|
if (info.executable) {
|
|
// chmod a+x temp_file;
|
|
base::SetPosixFilePermissions(temp_file->path(), 0755);
|
|
}
|
|
#endif
|
|
|
|
*out = temp_file->path();
|
|
external_files_[path.value()] = std::move(temp_file);
|
|
return true;
|
|
}
|
|
|
|
int Archive::GetUnsafeFD() const {
|
|
return fd_;
|
|
}
|
|
|
|
} // namespace asar
|