Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / Shared / MS / Internal / SafeSecurityHelper.cs / 1 / SafeSecurityHelper.cs
/****************************************************************************\ * * File: SafeSecurityHelper.cs * * Purpose: Helper functions that require elevation but are safe to use. * * History: * 10/15/04: [....] Created * * Copyright (C) 2004 by Microsoft Corporation. All rights reserved. * \***************************************************************************/ using System; using System.Globalization; using System.Security; using System.Security.Permissions; using System.Reflection; using MS.Win32; using System.Runtime.InteropServices; using Microsoft.Win32; #if PRESENTATIONFRAMEWORK using System.Windows; using System.Windows.Media; #endif // The SafeSecurityHelper class differs between assemblies and could not actually be // shared, so it is duplicated across namespaces to prevent name collision. #if WINDOWS_BASE namespace MS.Internal.WindowsBase #elif PRESENTATION_CORE namespace MS.Internal.PresentationCore #elif PRESENTATIONFRAMEWORK namespace MS.Internal.PresentationFramework #elif REACHFRAMEWORK namespace MS.Internal.ReachFramework #elif DRT namespace MS.Internal.Drt #else #error Class is being used from an unknown assembly. #endif { internal static partial class SafeSecurityHelper { #if PRESENTATION_CORE ////// Given a rectangle with coords in local screen coordinates. /// Return the rectangle in global screen coordinates. /// ////// Critical - calls a critical function. /// TreatAsSafe - handing out a transformed rect is considered safe. /// /// Although we are calling a function that passes an array, and no. of elements. /// We limit this call to only call this function with a 2 as the count of elements. /// Thereby containing any potential for the call to Win32 to cause a buffer overrun. /// [SecurityCritical, SecurityTreatAsSafe ] internal static void TransformLocalRectToScreen(HandleRef hwnd, ref NativeMethods.RECT rcWindowCoords) { int retval = MapWindowPoints(hwnd , new HandleRef(null, IntPtr.Zero), ref rcWindowCoords, 2); int win32Err = Marshal.GetLastWin32Error(); if(retval == 0 && win32Err != 0) { throw new System.ComponentModel.Win32Exception(win32Err); } } #endif #if PRESENTATION_CORE || PRESENTATIONFRAMEWORK ||REACHFRAMEWORK || DEBUG #if !WINDOWS_BASE ////// Given an assembly, returns the partial name of the assembly. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// The string returned does not contain path information. /// This code is duplicated in SafeSecurityHelperPBT.cs. /// internal static string GetAssemblyPartialName(Assembly assembly) { AssemblyName name = new AssemblyName(assembly.FullName); string partialName = name.Name; return (partialName != null) ? partialName : String.Empty; } #endif #endif #if PRESENTATIONFRAMEWORK ////// Get the full assembly name by combining the partial name passed in /// with everything else from proto assembly. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// The string returned does not contain path information. /// internal static string GetFullAssemblyNameFromPartialName( Assembly protoAssembly, string partialName) { AssemblyName name = new AssemblyName(protoAssembly.FullName); name.Name = partialName; return name.FullName; } ////// Critical: This code accesses PresentationSource which is critical but does not /// expose it. /// TreatAsSafe: PresentationSource is not exposed and Client to Screen co-ordinates is /// safe to expose /// [SecurityCritical,SecurityTreatAsSafe] internal static Point ClientToScreen(UIElement relativeTo, Point point) { GeneralTransform transform; PresentationSource source = PresentationSource.CriticalFromVisual(relativeTo); if (source == null) { return new Point(double.NaN, double.NaN); } transform = relativeTo.TransformToAncestor(source.RootVisual); Point ptRoot; transform.TryTransform(point, out ptRoot); Point ptClient = PointUtil.RootToClient(ptRoot, source); Point ptScreen = PointUtil.ClientToScreen(ptClient, source); return ptScreen; } #endif // PRESENTATIONFRAMEWORK #if WINDOWS_BASE ////// This function iterates through the assemblies loaded in the current /// AppDomain and finds one that has the same assemblyName passed in. /// ////// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// This code is duplicated in SafeSecurityHelperPBT.cs. /// internal static Assembly GetLoadedAssembly(string assemblyName, bool ignoreCase) { Assembly returnAssembly = null; Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies(); for (int i = assemblies.Length -1; i >= 0; i--) { string fullName = assemblies[i].FullName; bool found = String.Compare(fullName, assemblyName, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE)) == 0; if (!found) { int indexComma = fullName.IndexOf(",", StringComparison.Ordinal); if (indexComma > 0) { string shortName = fullName.Substring(0, indexComma); found = String.Compare(shortName, assemblyName, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE)) == 0; } } if (found) { returnAssembly = assemblies[i]; break; } } return returnAssembly; } #endif // WINDOWS_BASE #if PRESENTATION_CORE // // Determine if two Public Key Tokens are the same. // private static bool IsSameKeyToken(byte[] reqKeyToken, byte[] curKeyToken) { bool isSame = false; if (reqKeyToken == null && curKeyToken == null) { // Both Key Tokens are not set, treat them as same. isSame = true; } else if (reqKeyToken != null && curKeyToken != null) { // Both KeyTokens are set. if (reqKeyToken.Length == curKeyToken.Length) { isSame = true; for (int i=0; i/// This function iterates through the assemblies loaded in the current /// AppDomain and finds one that has the same assemblyName, version and public /// key token which are passed in. /// /// /// This code used to perform an elevation but no longer needs to. /// The method is being kept in this class to ease auditing and /// should have a security review if changed. /// internal static Assembly GetLoadedAssembly(AssemblyName assemblyName, bool ignoreCase) { Assembly returnAssembly = null; Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies(); for (int i = assemblies.Length -1; i >= 0; i--) { AssemblyName curAsmName = new AssemblyName(assemblies[i].FullName); CultureInfo curCulture, reqCulture; byte[] curKeyToken, reqKeyToken; curCulture = curAsmName.CultureInfo; reqCulture = assemblyName.CultureInfo; curKeyToken = curAsmName.GetPublicKeyToken( ); reqKeyToken = assemblyName.GetPublicKeyToken( ); if ( (String.Compare(curAsmName.Name, assemblyName.Name, ignoreCase, CultureInfo.GetCultureInfo(DOTNETCULTURE) ) == 0 ) && (assemblyName.Version == null || assemblyName.Version.Equals(curAsmName.Version) ) && (reqCulture == null || reqCulture.Equals(curCulture) ) && (reqKeyToken == null || IsSameKeyToken(reqKeyToken, curKeyToken) ) ) { returnAssembly = assemblies[i]; break; } } return returnAssembly; } #endif // PRESENTATION_CORE #if PRESENTATION_CORE || PRESENTATIONFRAMEWORK // enum to choose between the various keys internal enum KeyToRead { WebBrowserDisable = 0x01 , MediaAudioDisable = 0x02 , MediaVideoDisable = 0x04 , MediaImageDisable = 0x08 , MediaAudioOrVideoDisable = KeyToRead.MediaVideoDisable | KeyToRead.MediaAudioDisable , } ////// Critical: This code elevates to access registry /// TreatAsSafe: The information it exposes is safe to give out and all it does is read a specific key /// [SecurityCritical,SecurityTreatAsSafe] internal static bool IsFeatureDisabled(KeyToRead key) { string regValue = null; bool fResult = false; switch (key) { case KeyToRead.WebBrowserDisable: regValue = RegistryKeys.value_WebBrowserDisallow; break; case KeyToRead.MediaAudioDisable: regValue = RegistryKeys.value_MediaAudioDisallow; break; case KeyToRead.MediaVideoDisable: regValue = RegistryKeys.value_MediaVideoDisallow; break; case KeyToRead.MediaImageDisable: regValue = RegistryKeys.value_MediaImageDisallow; break; case KeyToRead.MediaAudioOrVideoDisable: regValue = RegistryKeys.value_MediaAudioDisallow; break; default:// throw exception for invalid key throw(new System.ArgumentException(key.ToString())); } RegistryKey featureKey; //Assert for read access to HKLM\Software\Microsoft\Windows\Avalon RegistryPermission regPerm = new RegistryPermission(RegistryPermissionAccess.Read,"HKEY_LOCAL_MACHINE\\"+RegistryKeys.WPF_Features);//BlessedAssert regPerm.Assert();//BlessedAssert try { object obj = null; bool keyValue = false; // open the key and read the value featureKey = Registry.LocalMachine.OpenSubKey(RegistryKeys.WPF_Features); if (featureKey != null) { // If key exists and value is 1 return true else false obj = featureKey.GetValue(regValue); keyValue = obj is int && ((int)obj == 1); if (keyValue) { fResult = true; } // special case for audio and video since they can be orred // this is in the condition that audio is enabled since that is // the path that MediaAudioVideoDisable defaults to // This is purely to optimize perf on the number of calls to assert // in the media or audio scenario. if ((fResult == false) && (key == KeyToRead.MediaAudioOrVideoDisable)) { regValue = RegistryKeys.value_MediaVideoDisallow; // If key exists and value is 1 return true else false obj = featureKey.GetValue(regValue); keyValue = obj is int && ((int)obj == 1); if (keyValue) { fResult = true; } } } } finally { RegistryPermission.RevertAssert(); } return fResult; } #endif //PRESENTATIONCORE||PRESENTATIONFRAMEWORK #if PRESENTATION_CORE ////// This function is a wrapper for CultureInfo.GetCultureInfoByIetfLanguageTag(). /// The wrapper works around a bug in that routine, which causes it to throw /// a SecurityException in Partial Trust. VSWhidbey bug #572162. /// ////// Critical: This code elevates to access registry /// TreatAsSafe: The information it exposes is safe to give out and all it does is read a specific key /// [SecurityCritical,SecurityTreatAsSafe] static internal CultureInfo GetCultureInfoByIetfLanguageTag(string languageTag) { CultureInfo culture = null; RegistryPermission regPerm = new RegistryPermission(RegistryPermissionAccess.Read, RegistryKeys.HKLM_IetfLanguage);//BlessedAssert regPerm.Assert();//BlessedAssert try { culture = CultureInfo.GetCultureInfoByIetfLanguageTag(languageTag); } finally { RegistryPermission.RevertAssert(); } return culture; } #endif //PRESENTATIONCORE // // Private p-invokes. // #if !PRESENTATIONFRAMEWORK && !WINDOWS_BASE ////// Critical - this function elevates /// [SecurityCritical, SuppressUnmanagedCodeSecurity ] [DllImport(ExternDll.User32, SetLastError = true, ExactSpelling=true, CharSet=CharSet.Auto)] private static extern int MapWindowPoints(HandleRef hWndFrom, HandleRef hWndTo, [In, Out] ref NativeMethods.RECT rect, int cPoints); #endif internal const string DOTNETCULTURE = "en-us"; internal const string IMAGE = "image"; } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- BoundPropertyEntry.cs
- WebPartConnectionsConnectVerb.cs
- PackWebResponse.cs
- EventPropertyMap.cs
- EntityKeyElement.cs
- XpsFixedDocumentSequenceReaderWriter.cs
- ListBox.cs
- Win32KeyboardDevice.cs
- SharedPerformanceCounter.cs
- TypeConverters.cs
- DrawingVisual.cs
- FilterException.cs
- ProfileServiceManager.cs
- TabItem.cs
- DesignerAutoFormat.cs
- ArgIterator.cs
- MessageOperationFormatter.cs
- UrlParameterWriter.cs
- Run.cs
- DetailsViewInsertedEventArgs.cs
- Line.cs
- SimpleFileLog.cs
- SoapIncludeAttribute.cs
- InlineUIContainer.cs
- FlowLayout.cs
- OneWayBindingElementImporter.cs
- IPipelineRuntime.cs
- CompositeFontFamily.cs
- OpenTypeCommon.cs
- XmlByteStreamReader.cs
- HttpHeaderCollection.cs
- TableCell.cs
- RegexCapture.cs
- FusionWrap.cs
- HttpSysSettings.cs
- CultureTable.cs
- XmlArrayAttribute.cs
- ZipIOLocalFileBlock.cs
- AssemblyBuilder.cs
- DataGridViewColumnHeaderCell.cs
- QilList.cs
- ContainerSelectorActiveEvent.cs
- Repeater.cs
- Int32Storage.cs
- EntityParameterCollection.cs
- SecurityChannelFaultConverter.cs
- DeviceContexts.cs
- RegexRunner.cs
- DragSelectionMessageFilter.cs
- GenericXmlSecurityToken.cs
- SelectionWordBreaker.cs
- Validator.cs
- ImportOptions.cs
- FlowDocumentScrollViewer.cs
- ComContractElement.cs
- ListViewDeleteEventArgs.cs
- DeviceSpecific.cs
- XmlCharacterData.cs
- LoadMessageLogger.cs
- XmlUtil.cs
- LexicalChunk.cs
- FaultDescription.cs
- Matrix.cs
- BasicKeyConstraint.cs
- TabControl.cs
- DynamicField.cs
- FieldBuilder.cs
- SqlReferenceCollection.cs
- GroupQuery.cs
- AsymmetricAlgorithm.cs
- ProgressChangedEventArgs.cs
- Rectangle.cs
- CacheDependency.cs
- ValidatorUtils.cs
- XmlException.cs
- ConfigurationManagerHelperFactory.cs
- CodeGeneratorOptions.cs
- RouteParser.cs
- LicenseProviderAttribute.cs
- WebPartZoneBaseDesigner.cs
- AppDomainAttributes.cs
- UnicodeEncoding.cs
- ParentControlDesigner.cs
- DependsOnAttribute.cs
- CheckBoxRenderer.cs
- TemplatingOptionsDialog.cs
- _ServiceNameStore.cs
- DataGridViewCellValidatingEventArgs.cs
- TextBoxView.cs
- _StreamFramer.cs
- SqlProviderUtilities.cs
- IdentityModelDictionary.cs
- StreamHelper.cs
- GroupBoxAutomationPeer.cs
- ObjectDataSourceEventArgs.cs
- QueuePathDialog.cs
- DoWhileDesigner.xaml.cs
- CodeCompileUnit.cs
- EntityContainerEntitySet.cs
- ConfigurationSectionCollection.cs