Esempio n. 1
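        /// <summary>
        /// Reads a file and deserializes its whole contents with <see cref="System.Web.UI.ObjectStateFormatter"/>.
        /// </summary>
        /// <param name="file">Path of the file to read; it is opened read-only with <see cref="FileShare.None"/>.</param>
        /// <returns>The object graph reconstructed by the formatter.</returns>
        /// <exception cref="IOException">Propagated when the file cannot be opened or read.</exception>
        /// <remarks>
        /// SECURITY: ObjectStateFormatter resolves and instantiates the types named inside the payload, so this
        /// method is only safe on files whose content is fully trusted. Feeding it attacker-controlled data can
        /// lead to arbitrary code execution; use a data-only format for untrusted input.
        /// </remarks>
        public static object DeserializeObjectFromFile_osf(string file)
        {
            IFormatter formatter = new System.Web.UI.ObjectStateFormatter();

            // 'using' releases the file handle even when Deserialize throws;
            // the previous version only closed the stream on the success path.
            using (Stream stream = new FileStream(file, FileMode.Open, FileAccess.Read, FileShare.None))
            {
                return formatter.Deserialize(stream);
            }
        }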
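        /// <summary>
        /// Feeds <paramref name="payload"/> to the formatter selected by <paramref name="method"/> and swallows the
        /// two exception types that a payload is expected to end with once the formatter has processed it.
        /// </summary>
        /// <param name="payload">Raw serialized bytes to deserialize.</param>
        /// <param name="method">
        /// Formatter name, matched case-insensitively: "binaryformatter", "objectstateformatter", "soapformatter"
        /// or "losformatter". Any other value prints "Not supported" and does nothing.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="method"/> is null.</exception>
        /// <remarks>
        /// SECURITY: every formatter here resolves types from the payload itself and is unsafe for untrusted input
        /// (BinaryFormatter is deprecated and removed in .NET 9). This is a test harness for payloads you already
        /// hold; it must never be pointed at data you do not control.
        /// </remarks>
        static void testPayload(byte[] payload, string method)
        {
            if (method == null)
            {
                throw new ArgumentNullException("method");
            }

            // Pick the formatter first so an unknown name is reported before any stream is created.
            Func<System.IO.Stream, object> deserialize;
            // ToLowerInvariant: culture-independent, so e.g. a Turkish locale cannot break "BinaryFormatter".
            switch (method.ToLowerInvariant())
            {
            case "binaryformatter":
                deserialize = s => new System.Runtime.Serialization.Formatters.Binary.BinaryFormatter().Deserialize(s);
                break;

            case "objectstateformatter":
                deserialize = s => new System.Web.UI.ObjectStateFormatter().Deserialize(s);
                break;

            case "soapformatter":
                deserialize = s => new System.Runtime.Serialization.Formatters.Soap.SoapFormatter().Deserialize(s);
                break;

            case "losformatter":
                deserialize = s => new System.Web.UI.LosFormatter().Deserialize(s);
                break;

            default:
                Console.WriteLine("Not supported");
                return;
            }

            try
            {
                // MemoryStream(null) throws ArgumentNullException, which the ArgumentException handler below absorbs,
                // matching the original behaviour for a null payload.
                using (var input = new System.IO.MemoryStream(payload))
                {
                    deserialize(input);
                }
            }
            catch (System.Reflection.TargetInvocationException)
            {
                // Internal InvalidCastException is expected
            }
            catch (ArgumentException)
            {
                // Internal InvalidCastException is expected
            }
        }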
Esempio n. 3
        /// <summary>
        /// Static-analysis fixture: each "Unsafe N" section below exercises a deserialization sink that resolves or
        /// instantiates types from its input and must therefore never be fed untrusted data. The method is not meant
        /// to be executed; several calls dereference null or open empty or invalid sources and would throw.
        /// </summary>
        /// <param name="json">JSON text handed to Newtonsoft.Json with type-name handling enabled.</param>
        /// <param name="param">
        /// A <see cref="TypeNameHandling"/> value supplied by the caller, shown to be as dangerous as a literal
        /// when it is anything other than None.
        /// </param>
        static void Method(string json, TypeNameHandling param)
        {
            //Unsafe 2
            // Any TypeNameHandling other than None lets a "$type" property in the payload choose the concrete type.
            var data = JsonConvert.DeserializeObject <Model>(json, new JsonSerializerSettings
            {
                TypeNameHandling = TypeNameHandling.Objects
            });
            var serializeSettings = new JsonSerializerSettings();

            // Different ways of reaching a non-None value: named member, raw numeric cast
            // ((TypeNameHandling)2 is TypeNameHandling.Arrays), the caller-supplied parameter, and a helper
            // GetHandling defined elsewhere in this file — an analyzer has to follow all of them.
            serializeSettings.TypeNameHandling = TypeNameHandling.All;
            serializeSettings.TypeNameHandling = (TypeNameHandling)2;
            serializeSettings = new JsonSerializerSettings
            {
                TypeNameHandling = param
            };
            serializeSettings.TypeNameHandling = GetHandling("");

            // Unsafe 5
            // BinaryMessageFormatter wraps BinaryFormatter for MSMQ message bodies.
            BinaryMessageFormatter binaryMessage = new System.Messaging.BinaryMessageFormatter();

            binaryMessage.Read(new Message());


            // Unsafe 7
            // ObjectStateFormatter accepts both a base64 string and a stream; both overloads are sinks.
            System.Web.UI.ObjectStateFormatter formatter = new System.Web.UI.ObjectStateFormatter();
            formatter.Deserialize("");
            formatter.Deserialize(new MemoryStream());

            // Unsafe 8
            // The serializer is null here, so ReadObject would throw NullReferenceException at runtime;
            // the call exists only as a pattern for the analyzer (XmlObjectSerializer is the base of the
            // DataContract serializers).
            XmlObjectSerializer xmlObjectSerializer = null;

            xmlObjectSerializer.ReadObject(new MemoryStream());

            // Unsafe 11
            // Every ReadObject overload (stream, XmlDictionaryReader, XmlReader, with and without verifyObjectName).
            DataContractJsonSerializer dataContractJsonSerializer = new DataContractJsonSerializer(typeof(InsecureDeserialize));

            dataContractJsonSerializer.ReadObject(new MemoryStream());
            dataContractJsonSerializer.ReadObject(XmlDictionaryReader.Create(""));
            dataContractJsonSerializer.ReadObject(XmlDictionaryReader.Create(""), false);
            dataContractJsonSerializer.ReadObject(XmlReader.Create(""));
            dataContractJsonSerializer.ReadObject(XmlReader.Create(""), false);

            // Unsafe 12
            // Every XmlSerializer.Deserialize overload (stream, TextReader, XmlReader, with encoding style and events).
            XmlSerializer xmlSerializer = new XmlSerializer(typeof(InsecureDeserialize));

            xmlSerializer.Deserialize(new MemoryStream());
            xmlSerializer.Deserialize(TextReader.Null);
            xmlSerializer.Deserialize(XmlReader.Create(""));
            xmlSerializer.Deserialize(XmlReader.Create(""), "\"");
            xmlSerializer.Deserialize(XmlReader.Create(""), new System.Xml.Serialization.XmlDeserializationEvents());
            xmlSerializer.Deserialize(XmlReader.Create(""), "\"", new System.Xml.Serialization.XmlDeserializationEvents());

            // Unsafe 13
            // XmlMessageFormatter: XmlSerializer-based MSMQ body reader.
            System.Messaging.XmlMessageFormatter xmlMessageFormatter = new XmlMessageFormatter();
            xmlMessageFormatter.Read(new System.Messaging.Message());

            // Unsafe 14
            // ResourceReader parses .resources data and can deserialize typed resource entries; both constructors shown.
            System.Resources.ResourceReader resourceReader = new System.Resources.ResourceReader("");
            resourceReader = new System.Resources.ResourceReader(new MemoryStream());

            // Unsafe 15
            // fastJSON: third-party JSON library with type-name support.
            fastJSON.JSON.ToObject("");

            // Unsafe 16
            // ServiceStack.Text: string, reader and stream entry points for the JSON, JSV (TypeSerializer),
            // CSV and XML serializers; note the stream overloads take the type first.
            ServiceStack.Text.JsonSerializer.DeserializeFromString("", typeof(InsecureDeserialize));
            ServiceStack.Text.JsonSerializer.DeserializeFromReader(TextReader.Null, typeof(InsecureDeserialize));
            ServiceStack.Text.JsonSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream());

            ServiceStack.Text.TypeSerializer.DeserializeFromString("", typeof(InsecureDeserialize));
            ServiceStack.Text.TypeSerializer.DeserializeFromReader(TextReader.Null, typeof(InsecureDeserialize));
            ServiceStack.Text.TypeSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream());

            ServiceStack.Text.CsvSerializer.DeserializeFromString(typeof(InsecureDeserialize), "");
            ServiceStack.Text.CsvSerializer.DeserializeFromReader <InsecureDeserialize>(TextReader.Null);
            ServiceStack.Text.CsvSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream());

            ServiceStack.Text.XmlSerializer.DeserializeFromString("", typeof(InsecureDeserialize));
            ServiceStack.Text.XmlSerializer.DeserializeFromReader <InsecureDeserialize>(TextReader.Null);
            ServiceStack.Text.XmlSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream());
        }
Esempio n. 4
        /// <summary>
        /// Fixture: deserializes an empty stream with <see cref="System.Web.UI.ObjectStateFormatter"/>, a sink that
        /// instantiates the types named in its input and must never be given untrusted data. The result is discarded.
        /// </summary>
        public void ObjectStateFormatter()
        {
            System.Web.UI.ObjectStateFormatter formatter = new System.Web.UI.ObjectStateFormatter();
            MemoryStream emptyInput = new MemoryStream();

            formatter.Deserialize(emptyInput);
        }