コード例 #1
0
        public MyScriptWhitelist(MyScriptCompiler scriptCompiler)
        {
            m_scriptCompiler = scriptCompiler;
            using (var handle = this.OpenBatch())
            {
                handle.AllowNamespaceOfTypes(MyWhitelistTarget.Both,
                    typeof(System.Collections.IEnumerator),
                    typeof(System.Collections.Generic.IEnumerable<>),
                    typeof(System.Collections.Generic.HashSet<>),
                    typeof(System.Collections.Generic.Queue<>),
                    typeof(System.Collections.Concurrent.ConcurrentDictionary<,>),
                    typeof(System.Collections.Concurrent.ConcurrentBag<>),
                    typeof(System.Linq.Enumerable),
                    typeof(System.Text.StringBuilder),
                    typeof(System.Text.RegularExpressions.Regex),
                    typeof(System.Globalization.Calendar)
                );

                // Are we _sure_ about this one? Seems scary to say the least...
                handle.AllowNamespaceOfTypes(MyWhitelistTarget.ModApi, typeof(System.Timers.Timer));

                handle.AllowTypes(MyWhitelistTarget.ModApi,
                    typeof(System.Diagnostics.TraceEventType),
                    typeof(AssemblyProductAttribute),
                    typeof(AssemblyDescriptionAttribute),
                    typeof(AssemblyConfigurationAttribute),
                    typeof(AssemblyCompanyAttribute),
                    typeof(AssemblyCultureAttribute),
                    typeof(AssemblyVersionAttribute),
                    typeof(AssemblyFileVersionAttribute),
                    typeof(AssemblyCopyrightAttribute),
                    typeof(AssemblyTrademarkAttribute),
                    typeof(AssemblyTitleAttribute),
                    typeof(ComVisibleAttribute),
                    typeof(DefaultValueAttribute),
                    typeof(SerializableAttribute),
                    typeof(GuidAttribute),
                    typeof(StructLayoutAttribute),
                    typeof(LayoutKind)
                );
                
                // TODO: Evaluate whether any of the following may be better off whitelisted for modAPI only

                handle.AllowTypes(MyWhitelistTarget.Both,
                    //typeof(System.MulticastDelegate), //delegates allowed directly in checking, delegates are harmless since you have to call or store something in it which is also checked
                    typeof(object),
                    typeof(System.IDisposable),
                    typeof(string),
                    typeof(System.StringComparison),
                    typeof(System.Math),
                    typeof(System.Enum),
                    typeof(int),
                    typeof(short),
                    typeof(long),
                    typeof(uint),
                    typeof(ushort),
                    typeof(ulong),
                    typeof(double),
                    typeof(float),
                    typeof(bool),
                    typeof(char),
                    typeof(byte),
                    typeof(sbyte),
                    typeof(decimal),
                    typeof(System.DateTime),
                    typeof(System.TimeSpan),
                    typeof(System.Array),
                    typeof(System.Xml.Serialization.XmlElementAttribute),
                    typeof(System.Xml.Serialization.XmlAttributeAttribute),
                    typeof(System.Xml.Serialization.XmlArrayAttribute),
                    typeof(System.Xml.Serialization.XmlArrayItemAttribute),
                    typeof(System.Xml.Serialization.XmlAnyAttributeAttribute),
                    typeof(System.Xml.Serialization.XmlAnyElementAttribute),
                    typeof(System.Xml.Serialization.XmlAnyElementAttributes),
                    typeof(System.Xml.Serialization.XmlArrayItemAttributes),
                    typeof(System.Xml.Serialization.XmlAttributeEventArgs),
                    typeof(System.Xml.Serialization.XmlAttributeOverrides),
                    typeof(System.Xml.Serialization.XmlAttributes),
                    typeof(System.Xml.Serialization.XmlChoiceIdentifierAttribute),
                    typeof(System.Xml.Serialization.XmlElementAttributes),
                    typeof(System.Xml.Serialization.XmlElementEventArgs),
                    typeof(System.Xml.Serialization.XmlEnumAttribute),
                    typeof(System.Xml.Serialization.XmlIgnoreAttribute),
                    typeof(System.Xml.Serialization.XmlIncludeAttribute),
                    typeof(System.Xml.Serialization.XmlRootAttribute),
                    typeof(System.Xml.Serialization.XmlTextAttribute),
                    typeof(System.Xml.Serialization.XmlTypeAttribute),
                    typeof(System.Runtime.CompilerServices.RuntimeHelpers),
                    typeof(System.IO.Stream),
                    //typeof(System.IO.StreamWriter),//can be constructed with path
                    //typeof(System.IO.StreamReader),
                    typeof(System.IO.TextWriter),
                    typeof(System.IO.TextReader),
                    typeof(System.IO.BinaryReader),
                    typeof(System.IO.BinaryWriter),
                    typeof(NullReferenceException),
                    typeof(ArgumentException),
                    typeof(ArgumentNullException),
                    typeof(InvalidOperationException),
                    typeof(FormatException),
                    typeof(System.Exception),
                    typeof(System.DivideByZeroException),
                    typeof(System.InvalidCastException),
                    typeof(System.IO.FileNotFoundException),
                    typeof(NotSupportedException),
                    typeof(System.Nullable<>),
                    typeof(StringComparer),
                    typeof(System.IEquatable<>),
                    typeof(System.IComparable),
                    typeof(System.IComparable<>),
                    typeof(System.BitConverter), // Useful for serializing custom messages/data in non-xml format
                    typeof(System.FlagsAttribute),
                    typeof(System.IO.Path),
                    typeof(System.Random),
                    //typeof(System.Runtime.CompilerServices.CompilerHelper), // We use this in tests
                    typeof(System.Convert), //Enum needs it, also usefull tool, they can convert object to type but cannot call what isnt whitelisted and Method.Invoke isnt whitelisted
                    typeof(StringSplitOptions),
                    typeof(DateTimeKind),
                    typeof(MidpointRounding),
                    typeof(EventArgs)
                );

                handle.AllowMembers(MyWhitelistTarget.Both,
                    typeof(System.Reflection.MemberInfo).GetProperty("Name"));

                handle.AllowMembers(MyWhitelistTarget.Both,
                    typeof(Type).GetProperty("FullName"),
                    typeof(Type).GetMethod("GetTypeFromHandle"),
                    typeof(Type).GetMethod("GetFields", new[] {typeof(System.Reflection.BindingFlags)}),
                    typeof(Type).GetMethod("IsEquivalentTo"),
                    typeof(Type).GetMethod("op_Equality"),
                    typeof(Type).GetMethod("ToString")
                    );

                //var t = typeof(MethodInfo).Assembly.GetType("System.Reflection.RuntimeMethodInfo");
                //AllowedOperands[t] = new List<MemberInfo>() { t.GetMethod("Equals") };

                handle.AllowMembers(MyWhitelistTarget.Both,
                    typeof(ValueType).GetMethod("Equals"),
                    typeof(ValueType).GetMethod("GetHashCode"),
                    typeof(ValueType).GetMethod("ToString")
                    );

                handle.AllowMembers(MyWhitelistTarget.Both,
                    typeof(Environment).GetProperty("CurrentManagedThreadId", BindingFlags.Static | BindingFlags.Public),
                    typeof(Environment).GetProperty("NewLine", BindingFlags.Static | BindingFlags.Public),
                    typeof(Environment).GetProperty("ProcessorCount", BindingFlags.Static | BindingFlags.Public)
                    );

                // TODO: The following may not be necessary at all
                var rt = typeof(Type).Assembly.GetType("System.RuntimeType");
                handle.AllowMembers(MyWhitelistTarget.Both,
                    rt.GetMethod("op_Inequality"),
                    rt.GetMethod("GetFields", new[] {typeof(System.Reflection.BindingFlags)})
                    );

                //var rtField = typeof(Type).Assembly.GetType("System.Reflection.RtFieldInfo");
                //handle.AllowMembers(WhitelistTarget.Both,
                //    rtField.GetMethod("UnsafeGetValue", BindingFlags.NonPublic | BindingFlags.Instance)
                //    );
            }
        }
コード例 #2
0
        public MyScriptWhitelist(MyScriptCompiler scriptCompiler)
        {
            m_scriptCompiler = scriptCompiler;
            using (var handle = this.OpenBatch())
            {
                handle.AllowNamespaceOfTypes(MyWhitelistTarget.Both,
                                             typeof(System.Collections.IEnumerator),
                                             typeof(System.Collections.Generic.IEnumerable <>),
                                             typeof(System.Collections.Generic.HashSet <>),
                                             typeof(System.Collections.Generic.Queue <>),
                                             typeof(System.Collections.Concurrent.ConcurrentDictionary <,>),
                                             typeof(System.Collections.Concurrent.ConcurrentBag <>),
                                             typeof(System.Linq.Enumerable),
                                             typeof(System.Text.StringBuilder),
                                             typeof(System.Text.RegularExpressions.Regex),
                                             typeof(System.Globalization.Calendar)
                                             );

                // Are we _sure_ about this one? Seems scary to say the least...
                handle.AllowNamespaceOfTypes(MyWhitelistTarget.ModApi, typeof(System.Timers.Timer));

                handle.AllowTypes(MyWhitelistTarget.ModApi,
                                  typeof(System.Diagnostics.TraceEventType),
                                  typeof(AssemblyProductAttribute),
                                  typeof(AssemblyDescriptionAttribute),
                                  typeof(AssemblyConfigurationAttribute),
                                  typeof(AssemblyCompanyAttribute),
                                  typeof(AssemblyCultureAttribute),
                                  typeof(AssemblyVersionAttribute),
                                  typeof(AssemblyFileVersionAttribute),
                                  typeof(AssemblyCopyrightAttribute),
                                  typeof(AssemblyTrademarkAttribute),
                                  typeof(AssemblyTitleAttribute),
                                  typeof(ComVisibleAttribute),
                                  typeof(DefaultValueAttribute),
                                  typeof(SerializableAttribute),
                                  typeof(GuidAttribute),
                                  typeof(StructLayoutAttribute),
                                  typeof(LayoutKind)
                                  );

                // TODO: Evaluate whether any of the following may be better off whitelisted for modAPI only

                handle.AllowTypes(MyWhitelistTarget.Both,
                                  //typeof(System.MulticastDelegate), //delegates allowed directly in checking, delegates are harmless since you have to call or store something in it which is also checked
                                  typeof(object),
                                  typeof(System.IDisposable),
                                  typeof(string),
                                  typeof(System.StringComparison),
                                  typeof(System.Math),
                                  typeof(System.Enum),
                                  typeof(int),
                                  typeof(short),
                                  typeof(long),
                                  typeof(uint),
                                  typeof(ushort),
                                  typeof(ulong),
                                  typeof(double),
                                  typeof(float),
                                  typeof(bool),
                                  typeof(char),
                                  typeof(byte),
                                  typeof(sbyte),
                                  typeof(decimal),
                                  typeof(System.DateTime),
                                  typeof(System.TimeSpan),
                                  typeof(System.Array),
                                  typeof(System.Xml.Serialization.XmlElementAttribute),
                                  typeof(System.Xml.Serialization.XmlAttributeAttribute),
                                  typeof(System.Xml.Serialization.XmlArrayAttribute),
                                  typeof(System.Xml.Serialization.XmlArrayItemAttribute),
                                  typeof(System.Xml.Serialization.XmlAnyAttributeAttribute),
                                  typeof(System.Xml.Serialization.XmlAnyElementAttribute),
                                  typeof(System.Xml.Serialization.XmlAnyElementAttributes),
                                  typeof(System.Xml.Serialization.XmlArrayItemAttributes),
                                  typeof(System.Xml.Serialization.XmlAttributeEventArgs),
                                  typeof(System.Xml.Serialization.XmlAttributeOverrides),
                                  typeof(System.Xml.Serialization.XmlAttributes),
                                  typeof(System.Xml.Serialization.XmlChoiceIdentifierAttribute),
                                  typeof(System.Xml.Serialization.XmlElementAttributes),
                                  typeof(System.Xml.Serialization.XmlElementEventArgs),
                                  typeof(System.Xml.Serialization.XmlEnumAttribute),
                                  typeof(System.Xml.Serialization.XmlIgnoreAttribute),
                                  typeof(System.Xml.Serialization.XmlIncludeAttribute),
                                  typeof(System.Xml.Serialization.XmlRootAttribute),
                                  typeof(System.Xml.Serialization.XmlTextAttribute),
                                  typeof(System.Xml.Serialization.XmlTypeAttribute),
                                  typeof(System.Runtime.CompilerServices.RuntimeHelpers),
                                  typeof(System.IO.Stream),
                                  //typeof(System.IO.StreamWriter),//can be constructed with path
                                  //typeof(System.IO.StreamReader),
                                  typeof(System.IO.TextWriter),
                                  typeof(System.IO.TextReader),
                                  typeof(System.IO.BinaryReader),
                                  typeof(System.IO.BinaryWriter),
                                  typeof(NullReferenceException),
                                  typeof(ArgumentException),
                                  typeof(ArgumentNullException),
                                  typeof(InvalidOperationException),
                                  typeof(FormatException),
                                  typeof(System.Exception),
                                  typeof(System.DivideByZeroException),
                                  typeof(System.InvalidCastException),
                                  typeof(System.IO.FileNotFoundException),
                                  typeof(NotSupportedException),
                                  typeof(System.Nullable <>),
                                  typeof(StringComparer),
                                  typeof(System.IEquatable <>),
                                  typeof(System.IComparable),
                                  typeof(System.IComparable <>),
                                  typeof(System.BitConverter), // Useful for serializing custom messages/data in non-xml format
                                  typeof(System.FlagsAttribute),
                                  typeof(System.IO.Path),
                                  typeof(System.Random),
                                                          //typeof(System.Runtime.CompilerServices.CompilerHelper), // We use this in tests
                                  typeof(System.Convert), //Enum needs it, also usefull tool, they can convert object to type but cannot call what isnt whitelisted and Method.Invoke isnt whitelisted
                                  typeof(StringSplitOptions),
                                  typeof(DateTimeKind),
                                  typeof(MidpointRounding),
                                  typeof(EventArgs)
                                  );

                handle.AllowMembers(MyWhitelistTarget.Both,
                                    typeof(System.Reflection.MemberInfo).GetProperty("Name"));

                handle.AllowMembers(MyWhitelistTarget.Both,
                                    typeof(Type).GetProperty("FullName"),
                                    typeof(Type).GetMethod("GetTypeFromHandle"),
                                    typeof(Type).GetMethod("GetFields", new[] { typeof(System.Reflection.BindingFlags) }),
                                    typeof(Type).GetMethod("IsEquivalentTo"),
                                    typeof(Type).GetMethod("op_Equality"),
                                    typeof(Type).GetMethod("ToString")
                                    );

                //var t = typeof(MethodInfo).Assembly.GetType("System.Reflection.RuntimeMethodInfo");
                //AllowedOperands[t] = new List<MemberInfo>() { t.GetMethod("Equals") };

                handle.AllowMembers(MyWhitelistTarget.Both,
                                    typeof(ValueType).GetMethod("Equals"),
                                    typeof(ValueType).GetMethod("GetHashCode"),
                                    typeof(ValueType).GetMethod("ToString")
                                    );

                handle.AllowMembers(MyWhitelistTarget.Both,
                                    typeof(Environment).GetProperty("CurrentManagedThreadId", BindingFlags.Static | BindingFlags.Public),
                                    typeof(Environment).GetProperty("NewLine", BindingFlags.Static | BindingFlags.Public),
                                    typeof(Environment).GetProperty("ProcessorCount", BindingFlags.Static | BindingFlags.Public)
                                    );

                // TODO: The following may not be necessary at all
                var rt = typeof(Type).Assembly.GetType("System.RuntimeType");
                handle.AllowMembers(MyWhitelistTarget.Both,
                                    rt.GetMethod("op_Inequality"),
                                    rt.GetMethod("GetFields", new[] { typeof(System.Reflection.BindingFlags) })
                                    );

                //var rtField = typeof(Type).Assembly.GetType("System.Reflection.RtFieldInfo");
                //handle.AllowMembers(WhitelistTarget.Both,
                //    rtField.GetMethod("UnsafeGetValue", BindingFlags.NonPublic | BindingFlags.Instance)
                //    );
            }
        }