Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / whidbey / NetFxQFE / ndp / fx / src / Misc / SecurityUtils.cs / 1 / SecurityUtils.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* */ #if WINFORMS_NAMESPACE namespace System.Windows.Forms #elif DRAWING_NAMESPACE namespace System.Drawing #elif WINFORMS_PUBLIC_GRAPHICS_LIBRARY namespace System.Internal #elif SYSTEM_NAMESPACE namespace System #else namespace System.Windows.Forms #endif { using System; using System.Reflection; using System.Diagnostics.CodeAnalysis; using System.Security; using System.Security.Permissions; ////// Useful methods to securely call 'dangerous' managed APIs (especially reflection). /// See http://wiki/default.aspx/Microsoft.Projects.DotNetClient.SecurityConcernsAroundReflection /// for more information specifically about why we need to be careful about reflection invocations. /// internal static class SecurityUtils { private static bool HasReflectionPermission { get { try { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); return true; } catch (SecurityException) { } return false; } } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type) { return SecureCreateInstance(type, null); } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type, object[] args) { if (type == null) { throw new ArgumentNullException("type"); } // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly && !(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } return Activator.CreateInstance(type, args); } ////// This helper method provides safe access to Activator.CreateInstance. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureCreateInstance(Type type, object[] args, bool allowNonPublic) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.CreateInstance; // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly) { // if it's an internal type, we demand reflection permission. if (!(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } else if (allowNonPublic && !HasReflectionPermission) { // Someone is trying to instantiate a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. // The reason we don't directly demand the permission here is because we don't know whether // a public nr non-public .ctor will be invoked. We want to allow the public .ctor case to // succeed. allowNonPublic = false; } } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } return Activator.CreateInstance(type, flags, null, args, null); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic) { return SecureConstructorInvoke(type, argTypes, args, allowNonPublic, BindingFlags.Default); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// The 'extraFlags' parameter is used to pass in any other flags you need, /// besides Public, NonPublic and Instance. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic, BindingFlags extraFlags) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | extraFlags; // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly) { // if it's an internal type, we demand reflection permission. if (!(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } else if (allowNonPublic && !HasReflectionPermission) { // Someone is trying to invoke a ctor on a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. allowNonPublic = false; } } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } ConstructorInfo ctor = type.GetConstructor(flags, null, argTypes, null); if (ctor != null) { return ctor.Invoke(args); } return null; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* */ #if WINFORMS_NAMESPACE namespace System.Windows.Forms #elif DRAWING_NAMESPACE namespace System.Drawing #elif WINFORMS_PUBLIC_GRAPHICS_LIBRARY namespace System.Internal #elif SYSTEM_NAMESPACE namespace System #else namespace System.Windows.Forms #endif { using System; using System.Reflection; using System.Diagnostics.CodeAnalysis; using System.Security; using System.Security.Permissions; ////// Useful methods to securely call 'dangerous' managed APIs (especially reflection). /// See http://wiki/default.aspx/Microsoft.Projects.DotNetClient.SecurityConcernsAroundReflection /// for more information specifically about why we need to be careful about reflection invocations. /// internal static class SecurityUtils { private static bool HasReflectionPermission { get { try { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); return true; } catch (SecurityException) { } return false; } } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type) { return SecureCreateInstance(type, null); } ////// This helper method provides safe access to Activator.CreateInstance. /// NOTE: This overload will work only with public .ctors. /// internal static object SecureCreateInstance(Type type, object[] args) { if (type == null) { throw new ArgumentNullException("type"); } // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly && !(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } return Activator.CreateInstance(type, args); } ////// This helper method provides safe access to Activator.CreateInstance. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureCreateInstance(Type type, object[] args, bool allowNonPublic) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | BindingFlags.CreateInstance; // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly) { // if it's an internal type, we demand reflection permission. if (!(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } else if (allowNonPublic && !HasReflectionPermission) { // Someone is trying to instantiate a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. // The reason we don't directly demand the permission here is because we don't know whether // a public nr non-public .ctor will be invoked. We want to allow the public .ctor case to // succeed. allowNonPublic = false; } } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } return Activator.CreateInstance(type, flags, null, args, null); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic) { return SecureConstructorInvoke(type, argTypes, args, allowNonPublic, BindingFlags.Default); } ////// Helper method to safely invoke a .ctor. You should prefer SecureCreateInstance to this. /// Set allowNonPublic to true if you want non public ctors to be used. /// The 'extraFlags' parameter is used to pass in any other flags you need, /// besides Public, NonPublic and Instance. /// internal static object SecureConstructorInvoke(Type type, Type[] argTypes, object[] args, bool allowNonPublic, BindingFlags extraFlags) { if (type == null) { throw new ArgumentNullException("type"); } BindingFlags flags = BindingFlags.Instance | BindingFlags.Public | extraFlags; // The only case we need to worry about is when the type is in the same assembly // as us. In all other cases, reflection will take care of security. if (type.Assembly == typeof(SecurityUtils).Assembly) { // if it's an internal type, we demand reflection permission. if (!(type.IsPublic || type.IsNestedPublic)) { (new ReflectionPermission(PermissionState.Unrestricted)).Demand(); } else if (allowNonPublic && !HasReflectionPermission) { // Someone is trying to invoke a ctor on a public type in *our* assembly, but does not // have full reflection permission. We shouldn't pass BindingFlags.NonPublic in this case. allowNonPublic = false; } } if (allowNonPublic) { flags |= BindingFlags.NonPublic; } ConstructorInfo ctor = type.GetConstructor(flags, null, argTypes, null); if (ctor != null) { return ctor.Invoke(args); } return null; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- PhysicalFontFamily.cs
- DataServiceEntityAttribute.cs
- DesignerProperties.cs
- SafeSecurityHandles.cs
- RequestChannelBinder.cs
- XPathDocumentIterator.cs
- CannotUnloadAppDomainException.cs
- EdgeModeValidation.cs
- RIPEMD160.cs
- BindingContext.cs
- SpotLight.cs
- securestring.cs
- PageSetupDialog.cs
- XmlDocumentViewSchema.cs
- MouseEventArgs.cs
- OracleTransaction.cs
- EditorPart.cs
- OdbcEnvironmentHandle.cs
- PropertyIDSet.cs
- TaiwanCalendar.cs
- MailAddress.cs
- ChainedAsyncResult.cs
- StyleSheetComponentEditor.cs
- AdapterDictionary.cs
- Clause.cs
- FontStyleConverter.cs
- ConfigurationStrings.cs
- MultiSelectRootGridEntry.cs
- CellQuery.cs
- ConfigXmlElement.cs
- XsdCachingReader.cs
- SpecularMaterial.cs
- newitemfactory.cs
- DateRangeEvent.cs
- CompiledRegexRunnerFactory.cs
- Point4DValueSerializer.cs
- VisualBasicSettingsConverter.cs
- ButtonAutomationPeer.cs
- Base64Stream.cs
- DynamicHyperLink.cs
- Expression.cs
- oledbmetadatacollectionnames.cs
- DropSourceBehavior.cs
- DateTimeValueSerializerContext.cs
- PolicyException.cs
- PauseStoryboard.cs
- TextSegment.cs
- SplineQuaternionKeyFrame.cs
- WindowsListViewItemCheckBox.cs
- StsCommunicationException.cs
- PlaceHolder.cs
- SqlDataSourceQueryEditorForm.cs
- HelpProvider.cs
- TrackingServices.cs
- XamlToRtfParser.cs
- ReadOnlyHierarchicalDataSourceView.cs
- TimelineGroup.cs
- followingsibling.cs
- LockRecursionException.cs
- AnchoredBlock.cs
- XmlHierarchyData.cs
- ContentPlaceHolder.cs
- RTTypeWrapper.cs
- HttpRequestCacheValidator.cs
- XmlCharType.cs
- GridItem.cs
- QueryAccessibilityHelpEvent.cs
- String.cs
- WebSysDescriptionAttribute.cs
- XmlFormatExtensionPointAttribute.cs
- AssociationType.cs
- KeyValueConfigurationElement.cs
- ExitEventArgs.cs
- EncryptedReference.cs
- XmlMembersMapping.cs
- HttpModuleAction.cs
- ConfigurationManagerHelper.cs
- EnvironmentPermission.cs
- Menu.cs
- PropertyChangingEventArgs.cs
- XmlSerializer.cs
- ChildTable.cs
- TypeResolver.cs
- WebException.cs
- HttpFileCollection.cs
- X509PeerCertificateElement.cs
- ProcessInfo.cs
- ValidationSummary.cs
- KoreanCalendar.cs
- CallTemplateAction.cs
- TableColumnCollectionInternal.cs
- TimelineGroup.cs
- XmlRootAttribute.cs
- SamlAuthenticationStatement.cs
- RoleServiceManager.cs
- AutomationElement.cs
- ToolStripSeparator.cs
- QueryAccessibilityHelpEvent.cs
- WSTrustFeb2005.cs
- sqlstateclientmanager.cs