コード例 #1
0
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            // Module.FullyQualifiedName was changed to check for FileIOPermission regardless of the name being an existing file or not.
            // we need to Assert in order to succeed the Demand() (ASURT 121603)
            (InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal)).Assert();

            string dllPath = t.Module.FullyQualifiedName;

            IntPtr hModule = UnsafeNativeMethods.GetModuleHandle(dllPath);

            if (hModule == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            IntPtr hrsrc = UnsafeNativeMethods.FindResource(hModule, (IntPtr)RESOURCE_ID, (IntPtr)RESOURCE_TYPE);

            if (hrsrc == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            int resSize = UnsafeNativeMethods.SizeofResource(hModule, hrsrc);

            IntPtr hglob = UnsafeNativeMethods.LoadResource(hModule, hrsrc);

            if (hglob == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            IntPtr pv = UnsafeNativeMethods.LockResource(hglob);

            if (pv == (IntPtr)0)
            {
                throw new HttpException(HttpRuntime.FormatResourceString(SR.Resource_problem,
                                                                         "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString()));
            }

            // Make sure the end of the resource lies within the module.  this can be an issue
            // if the resource has been hacked with an invalid length (ASURT 145040)
            if (!UnsafeNativeMethods.IsValidResource(hModule, pv, resSize))
            {
                throw new InvalidOperationException();
            }

            return(new SafeStringResource(pv, resSize));
        }
コード例 #2
0
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            if (HttpRuntime.CodegenDirInternal != null)
            {
                InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal).Assert();
            }
            IntPtr moduleHandle = UnsafeNativeMethods.GetModuleHandle(t.Module.FullyQualifiedName);

            if (moduleHandle == IntPtr.Zero)
            {
                moduleHandle = Marshal.GetHINSTANCE(t.Module);
                if (moduleHandle == IntPtr.Zero)
                {
                    throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
                }
            }
            IntPtr hResInfo = UnsafeNativeMethods.FindResource(moduleHandle, (IntPtr)0x65, (IntPtr)0xebb);

            if (hResInfo == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            int    size     = UnsafeNativeMethods.SizeofResource(moduleHandle, hResInfo);
            IntPtr hResData = UnsafeNativeMethods.LoadResource(moduleHandle, hResInfo);

            if (hResData == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            IntPtr ip = UnsafeNativeMethods.LockResource(hResData);

            if (ip == IntPtr.Zero)
            {
                throw new HttpException(System.Web.SR.GetString("Resource_problem", new object[] { "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture) }));
            }
            if (!UnsafeNativeMethods.IsValidResource(moduleHandle, ip, size))
            {
                throw new InvalidOperationException();
            }
            return(new SafeStringResource(ip, size));
        }
コード例 #3
0
        public void Execute(string path, TextWriter writer, bool preserveForm)
        {
            if (this._context == null)
            {
                throw new HttpException(System.Web.SR.GetString("Server_not_available"));
            }
            if (path == null)
            {
                throw new ArgumentNullException("path");
            }
            string      queryStringOverride = null;
            HttpRequest request             = this._context.Request;

            path = this._context.Response.RemoveAppPathModifier(path);
            int index = path.IndexOf('?');

            if (index >= 0)
            {
                queryStringOverride = path.Substring(index + 1);
                path = path.Substring(0, index);
            }
            if (!UrlPath.IsValidVirtualPathWithoutProtocol(path))
            {
                throw new ArgumentException(System.Web.SR.GetString("Invalid_path_for_child_request", new object[] { path }));
            }
            VirtualPath  virtualPath = VirtualPath.Create(path);
            IHttpHandler handler     = null;
            string       filename    = request.MapPath(virtualPath);
            VirtualPath  path3       = request.FilePathObject.Combine(virtualPath);

            InternalSecurityPermissions.FileReadAccess(filename).Demand();
            if (HttpRuntime.IsLegacyCas)
            {
                InternalSecurityPermissions.Unrestricted.Assert();
            }
            try
            {
                if (StringUtil.StringEndsWith(virtualPath.VirtualPathString, '.'))
                {
                    throw new HttpException(0x194, string.Empty);
                }
                bool useAppConfig = !path3.IsWithinAppRoot;
                using (new DisposableHttpContextWrapper(this._context))
                {
                    try
                    {
                        this._context.ServerExecuteDepth++;
                        if (this._context.WorkerRequest is IIS7WorkerRequest)
                        {
                            handler = this._context.ApplicationInstance.MapIntegratedHttpHandler(this._context, request.RequestType, path3, filename, useAppConfig, true);
                        }
                        else
                        {
                            handler = this._context.ApplicationInstance.MapHttpHandler(this._context, request.RequestType, path3, filename, useAppConfig);
                        }
                    }
                    finally
                    {
                        this._context.ServerExecuteDepth--;
                    }
                }
            }
            catch (Exception exception)
            {
                if (exception is HttpException)
                {
                    int httpCode = ((HttpException)exception).GetHttpCode();
                    if ((httpCode != 500) && (httpCode != 0x194))
                    {
                        exception = null;
                    }
                }
                throw new HttpException(System.Web.SR.GetString("Error_executing_child_request_for_path", new object[] { path }), exception);
            }
            this.ExecuteInternal(handler, writer, preserveForm, true, virtualPath, path3, filename, null, queryStringOverride);
        }
コード例 #4
0
        internal static SafeStringResource ReadSafeStringResource(Type t)
        {
            // At designtime CodeGenDir is null.
            if (HttpRuntime.CodegenDirInternal != null)
            {
                // Module.FullyQualifiedName was changed to check for FileIOPermission regardless of the name being an existing file or not.
                // we need to Assert in order to succeed the Demand() (ASURT 121603)
                (InternalSecurityPermissions.PathDiscovery(HttpRuntime.CodegenDirInternal)).Assert();
            }

            string dllPath = t.Module.FullyQualifiedName;


            IntPtr hModule = UnsafeNativeMethods.GetModuleHandle(dllPath);

            if (hModule == IntPtr.Zero)
            {
                // GetModuleHandle could fail if the assembly was renamed to .delete.  So we fall back to
                // calling Marshal.GetHINSTANCE, which is more reliable.  Ideally, we should always do this
                // directly, but to limit the risk, we only do it as a fall back (VSWhidbey 394621)
                hModule = Marshal.GetHINSTANCE(t.Module);
                if (hModule == IntPtr.Zero)
                {
                    throw new HttpException(SR.GetString(SR.Resource_problem,
                                                         "GetModuleHandle", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
                }
            }

            IntPtr hrsrc = UnsafeNativeMethods.FindResource(hModule, (IntPtr)RESOURCE_ID, (IntPtr)RESOURCE_TYPE);

            if (hrsrc == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "FindResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            int resSize = UnsafeNativeMethods.SizeofResource(hModule, hrsrc);

            IntPtr hglob = UnsafeNativeMethods.LoadResource(hModule, hrsrc);

            if (hglob == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "LoadResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            IntPtr pv = UnsafeNativeMethods.LockResource(hglob);

            if (pv == IntPtr.Zero)
            {
                throw new HttpException(SR.GetString(SR.Resource_problem,
                                                     "LockResource", HttpException.HResultFromLastError(Marshal.GetLastWin32Error()).ToString(CultureInfo.InvariantCulture)));
            }

            // Make sure the end of the resource lies within the module.  this can be an issue
            // if the resource has been hacked with an invalid length (ASURT 145040)
            if (!UnsafeNativeMethods.IsValidResource(hModule, pv, resSize))
            {
                throw new InvalidOperationException();
            }

            return(new SafeStringResource(pv, resSize));
        }