Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / Shared / MS / Internal / SafeSecurityHelper.cs / 1 / SafeSecurityHelper.cs
/****************************************************************************\ * * File: SafeSecurityHelper.cs * * Purpose: Helper functions that require elevation but are safe to use. * * History: * 10/15/04: [....] Created * * Copyright (C) 2004 by Microsoft Corporation. All rights reserved. * \***************************************************************************/ using System; using System.Globalization; using System.Security; using System.Security.Permissions; using System.Reflection; using MS.Win32; using System.Runtime.InteropServices; using Microsoft.Win32; #if PRESENTATIONFRAMEWORK using System.Windows; using System.Windows.Media; #endif // The SafeSecurityHelper class differs between assemblies and could not actually be // shared, so it is duplicated across namespaces to prevent name collision. #if WINDOWS_BASE namespace MS.Internal.WindowsBase #elif PRESENTATION_CORE namespace MS.Internal.PresentationCore #elif PRESENTATIONFRAMEWORK namespace MS.Internal.PresentationFramework #elif REACHFRAMEWORK namespace MS.Internal.ReachFramework #elif DRT namespace MS.Internal.Drt #else #error Class is being used from an unknown assembly. #endif { internal static partial class SafeSecurityHelper { #if PRESENTATION_CORE ////// Given a rectangle with coords in local screen coordinates. /// Return the rectangle in global screen coordinates. /// ////// Critical - calls a critical function. /// TreatAsSafe - handing out a transformed rect is considered safe. /// /// Although we are calling a function that passes an array, and no. of elements. /// We limit this call to only call this function with a 2 as the count of elements. /// Thereby containing any potential for the call to Win32 to cause a buffer overrun. /// [SecurityCritical, SecurityTreatAsSafe ] internal static void TransformLocalRectToScreen(HandleRef hwnd, ref NativeMethods.RECT rcWindowCoords) { int retval = MapWindowPoints(hwnd , new HandleRef(null, IntPtr.Zero), ref rcWindowCoords, 2); int win32Err = Marshal.GetLastWin32Error(); if(retval == 0 && win32Err != 0) { throw new System.ComponentModel.Win32Exception(win32Err); } } #endif #if PRESENTATION_CORE || PRESENTATIONFRAMEWORK ||REACHFRAMEWORK || DEBUG #if !WINDOWS_BASE ////// Given an assembly, returns the partial name of the assembly. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// The string returned does not contain path information. /// This code is duplicated in SafeSecurityHelperPBT.cs. /// internal static string GetAssemblyPartialName(Assembly assembly) { AssemblyName name = new AssemblyName(assembly.FullName); string partialName = name.Name; return (partialName != null) ? partialName : String.Empty; } #endif #endif #if PRESENTATIONFRAMEWORK ////// Get the full assembly name by combining the partial name passed in /// with everything else from proto assembly. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// The string returned does not contain path information. /// internal static string GetFullAssemblyNameFromPartialName( Assembly protoAssembly, string partialName) { AssemblyName name = new AssemblyName(protoAssembly.FullName); name.Name = partialName; return name.FullName; } ////// Critical: This code accesses PresentationSource which is critical but does not /// expose it. /// TreatAsSafe: PresentationSource is not exposed and Client to Screen co-ordinates is /// safe to expose /// [SecurityCritical,SecurityTreatAsSafe] internal static Point ClientToScreen(UIElement relativeTo, Point point) { GeneralTransform transform; PresentationSource source = PresentationSource.CriticalFromVisual(relativeTo); if (source == null) { return new Point(double.NaN, double.NaN); } transform = relativeTo.TransformToAncestor(source.RootVisual); Point ptRoot; transform.TryTransform(point, out ptRoot); Point ptClient = PointUtil.RootToClient(ptRoot, source); Point ptScreen = PointUtil.ClientToScreen(ptClient, source); return ptScreen; } #endif // PRESENTATIONFRAMEWORK #if WINDOWS_BASE ////// This function iterates through the assemblies loaded in the current /// AppDomain and finds one that has the same assemblyName passed in. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// This code is duplicated in SafeSecurityHelperPBT.cs. /// internal static Assembly GetLoadedAssembly(string assemblyName, bool ignoreCase) { Assembly returnAssembly = null; Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies(); for (int i = assemblies.Length -1; i >= 0; i--) { string fullName = assemblies[i].FullName; bool found = String.Compare(fullName, assemblyName, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE)) == 0; if (!found) { int indexComma = fullName.IndexOf(",", StringComparison.Ordinal); if (indexComma > 0) { string shortName = fullName.Substring(0, indexComma); found = String.Compare(shortName, assemblyName, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE)) == 0; } } if (found) { returnAssembly = assemblies[i]; break; } } return returnAssembly; } #endif // WINDOWS_BASE #if PRESENTATION_CORE // // Determine if two Public Key Tokens are the same. // private static bool IsSameKeyToken(byte[] reqKeyToken, byte[] curKeyToken) { bool isSame = false; if (reqKeyToken == null && curKeyToken == null) { // Both Key Tokens are not set, treat them as same. isSame = true; } else if (reqKeyToken != null && curKeyToken != null) { // Both KeyTokens are set. if (reqKeyToken.Length == curKeyToken.Length) { isSame = true; for (int i=0; i/// This function iterates through the assemblies loaded in the current /// AppDomain and finds one that has the same assemblyName, version and public /// key token which are passed in. /// /// /// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// internal static Assembly GetLoadedAssembly(AssemblyName assemblyName, bool ignoreCase) { Assembly returnAssembly = null; Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies(); for (int i = assemblies.Length -1; i >= 0; i--) { AssemblyName curAsmName = new AssemblyName(assemblies[i].FullName); CultureInfo curCulture, reqCulture; byte[] curKeyToken, reqKeyToken; curCulture = curAsmName.CultureInfo; reqCulture = assemblyName.CultureInfo; curKeyToken = curAsmName.GetPublicKeyToken( ); reqKeyToken = assemblyName.GetPublicKeyToken( ); if ( (String.Compare(curAsmName.Name, assemblyName.Name, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE) ) == 0 ) && (assemblyName.Version == null || assemblyName.Version.Equals(curAsmName.Version) ) && (reqCulture == null || reqCulture.Equals(curCulture) ) && (reqKeyToken == null || IsSameKeyToken(reqKeyToken, curKeyToken) ) ) { returnAssembly = assemblies[i]; break; } } return returnAssembly; } #endif // PRESENTATION_CORE #if PRESENTATION_CORE || PRESENTATIONFRAMEWORK // enum to choose between the various keys internal enum KeyToRead { WebBrowserDisable = 0x01 , MediaAudioDisable = 0x02 , MediaVideoDisable = 0x04 , MediaImageDisable = 0x08 , MediaAudioOrVideoDisable = KeyToRead.MediaVideoDisable | KeyToRead.MediaAudioDisable , } ////// Critical: This code elevates to access registry /// TreatAsSafe: The information it exposes is safe to give out and all it does is read a specific key /// [SecurityCritical,SecurityTreatAsSafe] internal static bool IsFeatureDisabled(KeyToRead key) { string regValue = null; bool fResult = false; switch (key) { case KeyToRead.WebBrowserDisable: regValue = RegistryKeys.value_WebBrowserDisallow; break; case KeyToRead.MediaAudioDisable: regValue = RegistryKeys.value_MediaAudioDisallow; break; case KeyToRead.MediaVideoDisable: regValue = RegistryKeys.value_MediaVideoDisallow; break; case KeyToRead.MediaImageDisable: regValue = RegistryKeys.value_MediaImageDisallow; break; case KeyToRead.MediaAudioOrVideoDisable: regValue = RegistryKeys.value_MediaAudioDisallow; break; default:// throw exception for invalid key throw(new System.ArgumentException(key.ToString())); } RegistryKey featureKey; //Assert for read access to HKLM\Software\Microsoft\Windows\Avalon RegistryPermission regPerm = new RegistryPermission(RegistryPermissionAccess.Read,"HKEY_LOCAL_MACHINE\\"+RegistryKeys.WPF_Features);//BlessedAssert regPerm.Assert();//BlessedAssert try { object obj = null; bool keyValue = false; // open the key and read the value featureKey = Registry.LocalMachine.OpenSubKey(RegistryKeys.WPF_Features); if (featureKey != null) { // If key exists and value is 1 return true else false obj = featureKey.GetValue(regValue); keyValue = obj is int && ((int)obj == 1); if (keyValue) { fResult = true; } // special case for audio and video since they can be orred // this is in the condition that audio is enabled since that is // the path that MediaAudioVideoDisable defaults to // This is purely to optimize perf on the number of calls to assert // in the media or audio scenario. if ((fResult == false) && (key == KeyToRead.MediaAudioOrVideoDisable)) { regValue = RegistryKeys.value_MediaVideoDisallow; // If key exists and value is 1 return true else false obj = featureKey.GetValue(regValue); keyValue = obj is int && ((int)obj == 1); if (keyValue) { fResult = true; } } } } finally { RegistryPermission.RevertAssert(); } return fResult; } #endif //PRESENTATIONCORE||PRESENTATIONFRAMEWORK #if PRESENTATION_CORE ////// This function is a wrapper for CultureInfo.GetCultureInfoByIetfLanguageTag(). /// The wrapper works around a bug in that routine, which causes it to throw /// a SecurityException in Partial Trust. VSWhidbey bug #572162. /// ////// Critical: This code elevates to access registry /// TreatAsSafe: The information it exposes is safe to give out and all it does is read a specific key /// [SecurityCritical,SecurityTreatAsSafe] static internal CultureInfo GetCultureInfoByIetfLanguageTag(string languageTag) { CultureInfo culture = null; RegistryPermission regPerm = new RegistryPermission(RegistryPermissionAccess.Read, RegistryKeys.HKLM_IetfLanguage);//BlessedAssert regPerm.Assert();//BlessedAssert try { culture = CultureInfo.GetCultureInfoByIetfLanguageTag(languageTag); } finally { RegistryPermission.RevertAssert(); } return culture; } #endif //PRESENTATIONCORE // // Private p-invokes. // #if !PRESENTATIONFRAMEWORK && !WINDOWS_BASE ////// Critical - this function elevates /// [SecurityCritical, SuppressUnmanagedCodeSecurity ] [DllImport(ExternDll.User32, SetLastError = true, ExactSpelling=true, CharSet=CharSet.Auto)] private static extern int MapWindowPoints(HandleRef hWndFrom, HandleRef hWndTo, [In, Out] ref NativeMethods.RECT rect, int cPoints); #endif internal const string DOTNETCULTURE = "en-us"; internal const string IMAGE = "image"; } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- GridViewItemAutomationPeer.cs
- InvokePattern.cs
- DiscoveryMessageSequenceGenerator.cs
- SID.cs
- InvalidProgramException.cs
- TextEditorCopyPaste.cs
- TypeEnumerableViewSchema.cs
- ArrayList.cs
- ReadWriteControlDesigner.cs
- ToolStripArrowRenderEventArgs.cs
- ReadOnlyAttribute.cs
- ClockController.cs
- TreeNodeSelectionProcessor.cs
- Part.cs
- ApplicationCommands.cs
- MinMaxParagraphWidth.cs
- IteratorDescriptor.cs
- WindowsFormsSectionHandler.cs
- ACE.cs
- BuildProvidersCompiler.cs
- AutomationAttributeInfo.cs
- ProcessInputEventArgs.cs
- ToolStripTextBox.cs
- DateBoldEvent.cs
- _LazyAsyncResult.cs
- DataBindingCollection.cs
- EntityDataSourceStatementEditor.cs
- TimeIntervalCollection.cs
- FontNamesConverter.cs
- IdleTimeoutMonitor.cs
- Selector.cs
- StoreAnnotationsMap.cs
- __Error.cs
- CollectionDataContract.cs
- DrawingContextDrawingContextWalker.cs
- MultiPropertyDescriptorGridEntry.cs
- SamlAuthenticationStatement.cs
- Command.cs
- MaskPropertyEditor.cs
- HttpConfigurationContext.cs
- FileFormatException.cs
- Italic.cs
- TextInfo.cs
- ListViewTableRow.cs
- PrtTicket_Editor.cs
- LineGeometry.cs
- CollectionBase.cs
- FunctionCommandText.cs
- ObsoleteAttribute.cs
- ScriptControl.cs
- FixedSOMContainer.cs
- RawStylusInputCustomDataList.cs
- XmlSerializerImportOptions.cs
- ManagedIStream.cs
- SplitterEvent.cs
- OracleInternalConnection.cs
- ResourceDictionaryCollection.cs
- TypedRowGenerator.cs
- Parser.cs
- RequestCachePolicyConverter.cs
- PrimarySelectionAdorner.cs
- HelpProvider.cs
- StyleReferenceConverter.cs
- ConfigurationLocation.cs
- XNodeNavigator.cs
- ListChangedEventArgs.cs
- CompilerTypeWithParams.cs
- DynamicHyperLink.cs
- WindowsEditBox.cs
- ViewManager.cs
- GridViewUpdatedEventArgs.cs
- HtmlShimManager.cs
- Msec.cs
- XmlDocumentSurrogate.cs
- DataTransferEventArgs.cs
- TextDecorationUnitValidation.cs
- QueryRewriter.cs
- XpsFilter.cs
- BaseInfoTable.cs
- TextDecorations.cs
- HandleValueEditor.cs
- TraceSource.cs
- DesignBindingEditor.cs
- TrustManagerMoreInformation.cs
- NamespaceEmitter.cs
- DbProviderManifest.cs
- DWriteFactory.cs
- SystemDropShadowChrome.cs
- MdImport.cs
- CriticalFinalizerObject.cs
- EntitySetBaseCollection.cs
- UrlPath.cs
- CompositionTarget.cs
- CodeCastExpression.cs
- MailHeaderInfo.cs
- CodeMemberField.cs
- DataView.cs
- TextAction.cs
- ChangeConflicts.cs
- ContentType.cs