Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Misc / SecurityUtils.cs / 1305376 / SecurityUtils.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* */ #if [....]_NAMESPACE namespace System.Windows.Forms #elif DRAWING_NAMESPACE namespace System.Drawing #elif [....]_PUBLIC_GRAPHICS_LIBRARY namespace System.Internal #elif SYSTEM_NAMESPACE namespace System #elif SYSTEM_WEB namespace System.Web #else namespace System.Windows.Forms #endif { using System; using System.Reflection; using System.Diagnostics.CodeAnalysis; using System.Security; using System.Security.Permissions; ////// Useful methods to securely call 'dangerous' managed APIs (especially reflection). /// See http://wiki/default.aspx/Microsoft.Projects.DotNetClient.SecurityConcernsAroundReflection /// for more information specifically about why we need to be careful about reflection invocations. /// internal static class SecurityUtils { private static ReflectionPermission memberAccessPermission = null; private static ReflectionPermission restrictedMemberAccessPermission = null; private static ReflectionPermission MemberAccessPermission { get { if (memberAccessPermission == null) { memberAccessPermission = new ReflectionPermission(ReflectionPermissionFlag.MemberAccess); } return memberAccessPermission; } } private static ReflectionPermission RestrictedMemberAccessPermission { get { if (restrictedMemberAccessPermission == null) { restrictedMemberAccessPermission = new ReflectionPermission(ReflectionPermissionFlag.RestrictedMemberAccess); } return restrictedMemberAccessPermission; } } private static void DemandReflectionAccess(Type type) { try { MemberAccessPermission.Demand(); } catch (SecurityException) { DemandGrantSet(type.Assembly); } } [SecuritySafeCritical] private static void DemandGrantSet(Assembly assembly) { PermissionSet targetGrantSet = assembly.PermissionSet; targetGrantSet.AddPermission(RestrictedMemberAccessPermission); targetGrantSet.Demand(); } private static bool HasReflectionPermission(Type type) { try { DemandReflectionAccess(type); return true; } catch (SecurityException) { } return false; } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type) { return SecureCreateInstance(type, null, false); } ////// This helper method provides safe access to Activator.CreateInstance. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureCreateInstance(Type type, object[] args, bool allowNonPublic) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.CreateInstance; // if it's an internal type, we demand reflection permission. if (!type.IsVisible) { DemandReflectionAccess(type); } else if (allowNonPublic && !HasReflectionPermission(type)) { // Someone is trying to instantiate a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. // The reason we don't directly demand the permission here is because we don't know whether // a public or non-public .ctor will be invoked. We want to allow the public .ctor case to // succeed. allowNonPublic = false; } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } return Activator.CreateInstance(type, flags, null, args, null); } #if (![....]_NAMESPACE) ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type, object[] args) { return SecureCreateInstance(type, args, false); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic) { return SecureConstructorInvoke(type, argTypes, args, allowNonPublic, BindingFlags.Default); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// The 'extraFlags' parameter is used to pass in any other flags you need, /// besides Public, NonPublic and Instance. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic, BindingFlags extraFlags) { if (type == null) { throw new ArgumentNullException("type"); } // if it's an internal type, we demand reflection permission. if (!type.IsVisible) { DemandReflectionAccess(type); } else if (allowNonPublic && !HasReflectionPermission(type)) { // Someone is trying to invoke a ctor on a public type, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. allowNonPublic = false; } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic | extraFlags; if (!allowNonPublic) { flags &= ~BindingFlags.NonPublic; } ConstructorInfo ctor = type.GetConstructor(flags, null, argTypes, null); if (ctor != null) { return ctor.Invoke(args); } return null; } private static bool GenericArgumentsAreVisible(MethodInfo method) { if (method.IsGenericMethod) { Type[] parameterTypes = method.GetGenericArguments(); foreach (Type type in parameterTypes) { if (!type.IsVisible) { return false; } } } return true; } ////// This helper method provides safe access to FieldInfo's GetValue method. /// internal static object FieldInfoGetValue(FieldInfo field, object target) { Type type = field.DeclaringType; if (type == null) { // Type is null for Global fields. if (!field.IsPublic) { DemandGrantSet(field.Module.Assembly); } } else if (!(type != null && type.IsVisible && field.IsPublic)) { DemandReflectionAccess(type); } return field.GetValue(target); } ////// This helper method provides safe access to MethodInfo's Invoke method. /// internal static object MethodInfoInvoke(MethodInfo method, object target, object[] args) { Type type = method.DeclaringType; if (type == null) { // Type is null for Global methods. In this case we would need to demand grant set on // the containing assembly for internal methods. if (!(method.IsPublic && GenericArgumentsAreVisible(method))) { DemandGrantSet(method.Module.Assembly); } } else if (!(type.IsVisible && method.IsPublic && GenericArgumentsAreVisible(method))) { // this demand is required for internal types in system.dll and its friend assemblies. DemandReflectionAccess(type); } return method.Invoke(target, args); } ////// This helper method provides safe access to ConstructorInfo's Invoke method. /// Constructors can't be generic, so we don't check if argument types are visible /// internal static object ConstructorInfoInvoke(ConstructorInfo ctor, object[] args) { Type type = ctor.DeclaringType; if ((type != null) && !(type.IsVisible && ctor.IsPublic)) { DemandReflectionAccess(type); } return ctor.Invoke(args); } ////// This helper method provides safe access to Array.CreateInstance. /// internal static object ArrayCreateInstance(Type type, int length) { if (!type.IsVisible) { DemandReflectionAccess(type); } return Array.CreateInstance(type, length); } #endif } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* */ #if [....]_NAMESPACE namespace System.Windows.Forms #elif DRAWING_NAMESPACE namespace System.Drawing #elif [....]_PUBLIC_GRAPHICS_LIBRARY namespace System.Internal #elif SYSTEM_NAMESPACE namespace System #elif SYSTEM_WEB namespace System.Web #else namespace System.Windows.Forms #endif { using System; using System.Reflection; using System.Diagnostics.CodeAnalysis; using System.Security; using System.Security.Permissions; ////// Useful methods to securely call 'dangerous' managed APIs (especially reflection). /// See http://wiki/default.aspx/Microsoft.Projects.DotNetClient.SecurityConcernsAroundReflection /// for more information specifically about why we need to be careful about reflection invocations. /// internal static class SecurityUtils { private static ReflectionPermission memberAccessPermission = null; private static ReflectionPermission restrictedMemberAccessPermission = null; private static ReflectionPermission MemberAccessPermission { get { if (memberAccessPermission == null) { memberAccessPermission = new ReflectionPermission(ReflectionPermissionFlag.MemberAccess); } return memberAccessPermission; } } private static ReflectionPermission RestrictedMemberAccessPermission { get { if (restrictedMemberAccessPermission == null) { restrictedMemberAccessPermission = new ReflectionPermission(ReflectionPermissionFlag.RestrictedMemberAccess); } return restrictedMemberAccessPermission; } } private static void DemandReflectionAccess(Type type) { try { MemberAccessPermission.Demand(); } catch (SecurityException) { DemandGrantSet(type.Assembly); } } [SecuritySafeCritical] private static void DemandGrantSet(Assembly assembly) { PermissionSet targetGrantSet = assembly.PermissionSet; targetGrantSet.AddPermission(RestrictedMemberAccessPermission); targetGrantSet.Demand(); } private static bool HasReflectionPermission(Type type) { try { DemandReflectionAccess(type); return true; } catch (SecurityException) { } return false; } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type) { return SecureCreateInstance(type, null, false); } ////// This helper method provides safe access to Activator.CreateInstance. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureCreateInstance(Type type, object[] args, bool allowNonPublic) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.CreateInstance; // if it's an internal type, we demand reflection permission. if (!type.IsVisible) { DemandReflectionAccess(type); } else if (allowNonPublic && !HasReflectionPermission(type)) { // Someone is trying to instantiate a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. // The reason we don't directly demand the permission here is because we don't know whether // a public or non-public .ctor will be invoked. We want to allow the public .ctor case to // succeed. allowNonPublic = false; } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } return Activator.CreateInstance(type, flags, null, args, null); } #if (![....]_NAMESPACE) ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type, object[] args) { return SecureCreateInstance(type, args, false); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic) { return SecureConstructorInvoke(type, argTypes, args, allowNonPublic, BindingFlags.Default); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// The 'extraFlags' parameter is used to pass in any other flags you need, /// besides Public, NonPublic and Instance. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic, BindingFlags extraFlags) { if (type == null) { throw new ArgumentNullException("type"); } // if it's an internal type, we demand reflection permission. if (!type.IsVisible) { DemandReflectionAccess(type); } else if (allowNonPublic && !HasReflectionPermission(type)) { // Someone is trying to invoke a ctor on a public type, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. allowNonPublic = false; } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic | extraFlags; if (!allowNonPublic) { flags &= ~BindingFlags.NonPublic; } ConstructorInfo ctor = type.GetConstructor(flags, null, argTypes, null); if (ctor != null) { return ctor.Invoke(args); } return null; } private static bool GenericArgumentsAreVisible(MethodInfo method) { if (method.IsGenericMethod) { Type[] parameterTypes = method.GetGenericArguments(); foreach (Type type in parameterTypes) { if (!type.IsVisible) { return false; } } } return true; } ////// This helper method provides safe access to FieldInfo's GetValue method. /// internal static object FieldInfoGetValue(FieldInfo field, object target) { Type type = field.DeclaringType; if (type == null) { // Type is null for Global fields. if (!field.IsPublic) { DemandGrantSet(field.Module.Assembly); } } else if (!(type != null && type.IsVisible && field.IsPublic)) { DemandReflectionAccess(type); } return field.GetValue(target); } ////// This helper method provides safe access to MethodInfo's Invoke method. /// internal static object MethodInfoInvoke(MethodInfo method, object target, object[] args) { Type type = method.DeclaringType; if (type == null) { // Type is null for Global methods. In this case we would need to demand grant set on // the containing assembly for internal methods. if (!(method.IsPublic && GenericArgumentsAreVisible(method))) { DemandGrantSet(method.Module.Assembly); } } else if (!(type.IsVisible && method.IsPublic && GenericArgumentsAreVisible(method))) { // this demand is required for internal types in system.dll and its friend assemblies. DemandReflectionAccess(type); } return method.Invoke(target, args); } ////// This helper method provides safe access to ConstructorInfo's Invoke method. /// Constructors can't be generic, so we don't check if argument types are visible /// internal static object ConstructorInfoInvoke(ConstructorInfo ctor, object[] args) { Type type = ctor.DeclaringType; if ((type != null) && !(type.IsVisible && ctor.IsPublic)) { DemandReflectionAccess(type); } return ctor.Invoke(args); } ////// This helper method provides safe access to Array.CreateInstance. /// internal static object ArrayCreateInstance(Type type, int length) { if (!type.IsVisible) { DemandReflectionAccess(type); } return Array.CreateInstance(type, length); } #endif } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- PointConverter.cs
- XamlReader.cs
- ItemType.cs
- MetadataSection.cs
- FlowNode.cs
- StopStoryboard.cs
- RemoveStoryboard.cs
- NumberFormatter.cs
- QuaternionAnimationUsingKeyFrames.cs
- XhtmlBasicValidationSummaryAdapter.cs
- SurrogateEncoder.cs
- XmlDataSourceView.cs
- DataGridItemEventArgs.cs
- FilterException.cs
- LabelEditEvent.cs
- HttpRuntime.cs
- Calendar.cs
- CqlWriter.cs
- ColumnResizeAdorner.cs
- DataGridViewAutoSizeColumnsModeEventArgs.cs
- SHA256Managed.cs
- ToolStrip.cs
- CodeMethodReturnStatement.cs
- SqlNotificationEventArgs.cs
- _LocalDataStoreMgr.cs
- FacetChecker.cs
- Error.cs
- StylusPoint.cs
- DisplayMemberTemplateSelector.cs
- SHA256Managed.cs
- ToolZone.cs
- XPathParser.cs
- CodePropertyReferenceExpression.cs
- X509AsymmetricSecurityKey.cs
- ColumnBinding.cs
- TileBrush.cs
- RequestNavigateEventArgs.cs
- BufferedStream.cs
- AdornerPresentationContext.cs
- WebPartExportVerb.cs
- PreservationFileReader.cs
- ItemCollection.cs
- PackagePartCollection.cs
- AppDomainGrammarProxy.cs
- codemethodreferenceexpression.cs
- HwndSource.cs
- ColumnWidthChangedEvent.cs
- LogSwitch.cs
- WCFBuildProvider.cs
- Setter.cs
- WebPartRestoreVerb.cs
- PartialCachingControl.cs
- NamespaceDecl.cs
- cookiecontainer.cs
- RequestQueue.cs
- BinaryWriter.cs
- OwnerDrawPropertyBag.cs
- MenuItemAutomationPeer.cs
- OrderedDictionary.cs
- LineSegment.cs
- Registry.cs
- SqlClientPermission.cs
- ApplicationTrust.cs
- AuthenticationModuleElement.cs
- WinFormsUtils.cs
- CredentialCache.cs
- KeyValuePairs.cs
- CounterCreationDataConverter.cs
- ClientSettingsProvider.cs
- MembershipSection.cs
- EnumType.cs
- ToolstripProfessionalRenderer.cs
- UpdateTranslator.cs
- DataKey.cs
- ProcessHostConfigUtils.cs
- Byte.cs
- MatrixTransform.cs
- SqlDelegatedTransaction.cs
- AddressHeader.cs
- Int32Rect.cs
- XmlDictionaryReaderQuotas.cs
- ColumnTypeConverter.cs
- TimeSpanSecondsOrInfiniteConverter.cs
- DetailsViewModeEventArgs.cs
- TableLayoutPanelBehavior.cs
- System.Data_BID.cs
- CatalogZoneBase.cs
- DrawingDrawingContext.cs
- OleDbDataAdapter.cs
- _LocalDataStore.cs
- CfgArc.cs
- ColumnMapTranslator.cs
- DependencyPropertyKind.cs
- InfoCardArgumentException.cs
- EntityDataSourceContainerNameItem.cs
- Visual3D.cs
- PermissionAttributes.cs
- UnsafeNativeMethodsMilCoreApi.cs
- ItemContainerGenerator.cs
- AuthorizationRuleCollection.cs