AU: Verify that the actual download size matches the size reported by Omaha.
This patch makes sure that the size of the payload received from the server
matches the size reported by Omaha. We could also verify that the HTTP header
size field matches the Omaha size but that seems redundant -- ultimately, it's
important that the number of bytes that AU actually downloads (and calculates
the hash on) matches the Omaha size.
BUG=6579
TEST=unit tests, gmerged on device and tested with a regular as well as a
modified dev server to send incorrect size.
Change-Id: I2f38e2df53e713c0b4f417533028fcb623e2df16
Review URL: http://codereview.chromium.org/3499004
diff --git a/download_action.cc b/download_action.cc
index 9779f2a..6b27722 100644
--- a/download_action.cc
+++ b/download_action.cc
@@ -138,13 +138,18 @@
ActionExitCode code =
successful ? kActionCodeSuccess : kActionCodeDownloadTransferError;
if (code == kActionCodeSuccess) {
- // Make sure hash is correct
+ // Makes sure the hash and size are correct.
omaha_hash_calculator_.Finalize();
if (omaha_hash_calculator_.hash() != install_plan_.download_hash) {
LOG(ERROR) << "Download of " << install_plan_.download_url
- << " failed. Expect hash " << install_plan_.download_hash
+ << " failed. Expected hash " << install_plan_.download_hash
<< " but got hash " << omaha_hash_calculator_.hash();
code = kActionCodeDownloadHashMismatchError;
+ } else if (bytes_received_ != install_plan_.size) {
+ LOG(ERROR) << "Download of " << install_plan_.download_url
+ << " failed. Expected size " << install_plan_.size
+ << " but got size " << bytes_received_;
+ code = kActionCodeDownloadSizeMismatchError;
}
}