private IEnumerable <ValidationResult> ValidateMethodsInType(AbstractPolicy policy, TypeDefinition type) { var findings = new List <ValidationResult>(); foreach (var method in type.Methods) { findings.AddRange(policy.MethodValidators.SelectMany(v => v.Validate(method))); } foreach (var nestedType in type.NestedTypes) { findings.AddRange(ValidateMethodsInType(policy, nestedType)); } return(findings); }
private void AuditWithPolicy(byte[] code, RequiredAcs requiredAcs, AbstractPolicy policy) { var findings = new List <ValidationResult>(); var modDef = ModuleDefinition.ReadModule(new MemoryStream(code)); // Check against whitelist findings.AddRange(policy.Whitelist.Validate(modDef)); // Run module validators findings.AddRange(policy.ModuleValidators.SelectMany(v => v.Validate(modDef))); var asm = Assembly.Load(code); // Run assembly validators (run after module validators since we invoke BindService method below) findings.AddRange(policy.AssemblyValidators.SelectMany(v => v.Validate(asm))); // Run method validators foreach (var type in modDef.Types) { findings.AddRange(ValidateMethodsInType(policy, type)); } // Perform ACS validation if (requiredAcs != null) { findings.AddRange(_acsValidator.Validate(asm, requiredAcs)); } if (findings.Count > 0) { throw new CSharpInvalidCodeException( $"Contract code did not pass audit. Audit failed for contract: {modDef.Assembly.MainModule.Name}\n" + string.Join("\n", findings), findings); } }