internal static byte[] GetDacl(string filename)
        {
            int lengthNeeded = 0;
            int num2         = UnsafeNativeMethods.GetFileSecurity(filename, 7, null, 0, ref lengthNeeded);
            int lastError    = Marshal.GetLastWin32Error();

            if (num2 != 0)
            {
                return(s_nullDacl);
            }
            if (HttpException.HResultFromLastError(lastError) != -2147024774)
            {
                return(null);
            }
            byte[] securityDescriptor = new byte[lengthNeeded];
            if (UnsafeNativeMethods.GetFileSecurity(filename, 7, securityDescriptor, securityDescriptor.Length, ref lengthNeeded) == 0)
            {
                return(null);
            }
            byte[] buffer2 = (byte[])s_interned[securityDescriptor];
            if (buffer2 == null)
            {
                lock (s_interned.SyncRoot)
                {
                    buffer2 = (byte[])s_interned[securityDescriptor];
                    if (buffer2 == null)
                    {
                        buffer2             = securityDescriptor;
                        s_interned[buffer2] = buffer2;
                    }
                }
            }
            return(buffer2);
        }
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            if (HttpRuntime.CodegenDirInternal != null)
            {
                InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal).Assert();
            }
            IntPtr moduleHandle = UnsafeNativeMethods.GetModuleHandle(t.Module.FullyQualifiedName);

            if (moduleHandle == IntPtr.Zero)
            {
                moduleHandle = Marshal.GetHINSTANCE(t.Module);
                if (moduleHandle == IntPtr.Zero)
                {
                    throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
                }
            }
            IntPtr hResInfo = UnsafeNativeMethods.FindResource(moduleHandle, (IntPtr)0x65, (IntPtr)0xebb);

            if (hResInfo == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            int    size     = UnsafeNativeMethods.SizeofResource(moduleHandle, hResInfo);
            IntPtr hResData = UnsafeNativeMethods.LoadResource(moduleHandle, hResInfo);

            if (hResData == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            IntPtr ip = UnsafeNativeMethods.LockResource(hResData);

            if (ip == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            if (!UnsafeNativeMethods.IsValidResource(moduleHandle, ip, size))
            {
                throw new InvalidOperationException();
            }
            return(new SafeStringResource(ip, size));
        }
Exemple #3
0
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            // Module.FullyQualifiedName was changed to check for FileIOPermission regardless of the name being an existing file or not.
            // we need to Assert in order to succeed the Demand() (ASURT 121603)
            (InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal)).Assert();

            string dllPath = t.Module.FullyQualifiedName;

            IntPtr hModule = UnsafeNativeMethods.GetModuleHandle(dllPath);

            if (hModule == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            IntPtr hrsrc = UnsafeNativeMethods.FindResource(hModule, (IntPtr)RESOURCE_ID, (IntPtr)RESOURCE_TYPE);

            if (hrsrc == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            int resSize = UnsafeNativeMethods.SizeofResource(hModule, hrsrc);

            IntPtr hglob = UnsafeNativeMethods.LoadResource(hModule, hrsrc);

            if (hglob == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            IntPtr pv = UnsafeNativeMethods.LockResource(hglob);

            if (pv == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            // Make sure the end of the resource lies within the module.  this can be an issue
            // if the resource has been hacked with an invalid length (ASURT 145040)
            if (!UnsafeNativeMethods.IsValidResource(hModule, pv, resSize))
            {
                throw new InvalidOperationException();
            }

            return(new SafeStringResource(pv, resSize));
        }
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            // At designtime CodeGenDir is null.
            if (HttpRuntime.CodegenDirInternal != null)
            {
                // Module.FullyQualifiedName was changed to check for FileIOPermission regardless of the name being an existing file or not.
                // we need to Assert in order to succeed the Demand() (ASURT 121603)
                (InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal)).Assert();
            }

            string dllPath = t.Module.FullyQualifiedName;


            IntPtr hModule = UnsafeNativeMethods.GetModuleHandle(dllPath);

            if (hModule == IntPtr.Zero)
            {
                // GetModuleHandle could fail if the assembly was renamed to .delete.  So we fall back to
                // calling Marshal.GetHINSTANCE, which is more reliable.  Ideally, we should always do this
                // directly, but to limit the risk, we only do it as a fall back (VSWhidbey 394621)
                hModule = Marshal.GetHINSTANCE(t.Module);
                if (hModule == IntPtr.Zero)
                {
                    throw new HttpException(SR.GetString(SR.Resource_problem,
                                                         "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
                }
            }

            IntPtr hrsrc = UnsafeNativeMethods.FindResource(hModule, (IntPtr)RESOURCE_ID, (IntPtr)RESOURCE_TYPE);

            if (hrsrc == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            int resSize = UnsafeNativeMethods.SizeofResource(hModule, hrsrc);

            IntPtr hglob = UnsafeNativeMethods.LoadResource(hModule, hrsrc);

            if (hglob == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            IntPtr pv = UnsafeNativeMethods.LockResource(hglob);

            if (pv == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            // Make sure the end of the resource lies within the module.  this can be an issue
            // if the resource has been hacked with an invalid length (ASURT 145040)
            if (!UnsafeNativeMethods.IsValidResource(hModule, pv, resSize))
            {
                throw new InvalidOperationException();
            }

            return(new SafeStringResource(pv, resSize));
        }