public string[] GetDirectlyImportedProjects(ProjectShim project) { List<string> list = new List<string>(); foreach (Import import in project.Imports) { if (!import.IsImported) { list.Add(import.EvaluatedProjectPath); } } return list.ToArray(); }
internal static string[] GetNonImportedTargetNames(ProjectShim project) { List<string> list = new List<string>(); foreach (TargetShim shim in project.Targets) { if (!shim.IsImported) { list.Add(shim.Name); } } return list.ToArray(); }
public string[] GetNonImportedUsingTasks(ProjectShim project) { List<string> list = new List<string>(); foreach (UsingTask task in project.UsingTasks) { if (!task.IsImported) { list.Add(task.TaskName); } } return list.ToArray(); }
internal static string[] GetNonImportedPropertyNames(ProjectShim project) { Dictionary<string, string> hashtable = new Dictionary<string, string>(); foreach (BuildPropertyGroupShim shim in project.PropertyGroups) { if (!shim.IsImported) { foreach (BuildPropertyShim shim2 in shim) { hashtable[shim2.Name] = string.Empty; } continue; } } return hashtable.Keys.ToArray(); }
public string[] GetNonImportedUsingTasks(ProjectShim project) { List <string> list = new List <string>(); foreach (UsingTask task in project.UsingTasks) { if (!task.IsImported) { list.Add(task.TaskName); } } return(list.ToArray()); }
public string[] GetDirectlyImportedProjects(ProjectShim project) { List <string> list = new List <string>(); foreach (Import import in project.Imports) { if (!import.IsImported) { list.Add(import.EvaluatedProjectPath); } } return(list.ToArray()); }
internal static string[] GetNonImportedTargetNames(ProjectShim project) { List <string> list = new List <string>(); foreach (TargetShim shim in project.Targets) { if (!shim.IsImported) { list.Add(shim.Name); } } return(list.ToArray()); }
internal static string[] GetNonImportedItemNames(ProjectShim project) { Dictionary <string, string> hashtable = new Dictionary <string, string>(); foreach (BuildItemGroupShim shim in project.ItemGroups) { if (!shim.IsImported) { foreach (BuildItemShim shim2 in shim) { hashtable[shim2.Name] = string.Empty; } continue; } } return(hashtable.Keys.ToArray()); }
/// <summary> /// Overloaded Constructor /// </summary> /// <param name="projectFilePath">path to the project file</param> /// <param name="serviceProvider">A service provider.</param> public ProjectSecurityChecker(IServiceProvider serviceProvider, string projectFilePath) { if (serviceProvider == null) { throw new ArgumentNullException("serviceProvider"); } if (String.IsNullOrEmpty(projectFilePath)) { throw new ArgumentException(SR.GetString(SR.ParameterCannotBeNullOrEmpty, CultureInfo.CurrentUICulture), "projectFilePath"); } this.serviceProvider = serviceProvider; // Instantiate a new project shim that we are going to use for security checkings. this.projectShim = new ProjectShim(new EngineShim()); projectShim.Load(projectFilePath); }
/// <summary> /// Checks whether a set of project items described by the LoadTimeCheckItemLocation are in a safe location. /// </summary> /// <param name="projectShim">The project shim containing the items to be checked.</param> /// <param name="itemsToCheck">The list of items to check if they are in the project cone.</param> /// <param name="reasonForFailure">The reason for failure if any of the files fails</param> /// <returns>true if all project items are in the project cone. Otherwise false.</returns> internal bool CheckItemsSecurity(ProjectShim projectShim, IList<string> itemsToCheck, out string reasonForFailure) { reasonForFailure = String.Empty; // If nothing to check assume that everything is ok. if(itemsToCheck == null) { return true; } Debug.Assert(projectShim != null, "Cannot check the items if no project has been defined!"); foreach(string itemName in itemsToCheck) { BuildItemGroupShim group = projectShim.GetEvaluatedItemsByNameIgnoringCondition(itemName); if(group != null) { IEnumerator enumerator = group.GetEnumerator(); while(enumerator.MoveNext()) { BuildItemShim item = enumerator.Current as BuildItemShim; string finalItem = item.FinalItemSpec; if(!String.IsNullOrEmpty(finalItem)) { // Perform the actual check - start with normalizing the path. Relative paths // should be treated as relative to the project file. string fullPath = this.GetFullPath(finalItem); // If the fullpath of the item is suspiciously short do not check it. if(fullPath.Length >= 3) { Uri uri = null; // If we cannot create a uri from the item path return with the error if(!Uri.TryCreate(fullPath, UriKind.Absolute, out uri)) { reasonForFailure = fullPath; return false; } // Check if the item points to a network share if(uri.IsUnc) { reasonForFailure = fullPath; return false; } // Check if the item is located in a drive root directory if(uri.Segments.Length == 3 && uri.Segments[1] == ":" && uri.Segments[2][0] == Path.DirectorySeparatorChar) { reasonForFailure = fullPath; return false; } //Check if the item is not in a special folder. foreach(Uri specialFolder in this.specialFolders) { if(ItemSecurityChecker.IsItemInCone(uri, specialFolder)) { reasonForFailure = fullPath; return false; } } } else { reasonForFailure = fullPath; return false; } } } } } return true; }
/// <summary> /// Overloaded Constructor /// </summary> /// <param name="projectFilePath">path to the project file</param> /// <param name="serviceProvider">A service provider.</param> public ProjectSecurityChecker(IServiceProvider serviceProvider, string projectFilePath) { if(serviceProvider == null) { throw new ArgumentNullException("serviceProvider"); } if(String.IsNullOrEmpty(projectFilePath)) { throw new ArgumentException(SR.GetString(SR.ParameterCannotBeNullOrEmpty, CultureInfo.CurrentUICulture), "projectFilePath"); } this.serviceProvider = serviceProvider; // Instantiate a new project shim that we are going to use for security checkings. this.projectShim = new ProjectShim(new EngineShim()); projectShim.Load(projectFilePath); }
internal void UnloadProject(ProjectShim projectShim) { _engine.UnloadProject(projectShim.Project); }
internal bool IsProjectSafe(string dangerousItemsPropertyName, string defaultDangerousItems, ProjectShim mainProject, ProjectShim userProject, SecurityCheckPass pass, out string reasonFailed, out bool isUserFile) { reasonFailed = string.Empty; isUserFile = false; string[] nonImportedItems = null; string[] nonImportedTargetNames = null; switch (pass) { case SecurityCheckPass.Targets: if (mainProject != null) { nonImportedItems = GetNonImportedTargetNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedTargetNames(userProject); } break; case SecurityCheckPass.Properties: if (mainProject != null) { nonImportedItems = GetNonImportedPropertyNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedPropertyNames(userProject); } break; case SecurityCheckPass.Items: if (mainProject != null) { nonImportedItems = GetNonImportedItemNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedItemNames(userProject); } break; default: return false; } Dictionary<string, string> dangerousItems = CreateDangerousItemHashtable(defaultDangerousItems + mainProject.GetEvaluatedProperty(dangerousItemsPropertyName)); bool flag = IsProjectSafeHelper(nonImportedItems, dangerousItems, out reasonFailed); if (!flag) { isUserFile = false; return false; } bool flag2 = IsProjectSafeHelper(nonImportedTargetNames, dangerousItems, out reasonFailed); if (!flag2) { isUserFile = true; return false; } return (flag && flag2); }
/// <summary> /// Checks whether a set of project items described by the LoadTimeCheckItemLocation are in a safe location. /// </summary> /// <param name="projectShim">The project shim containing the items to be checked.</param> /// <param name="itemsToCheck">The list of items to check if they are in the project cone.</param> /// <param name="reasonForFailure">The reason for failure if any of the files fails</param> /// <returns>true if all project items are in the project cone. Otherwise false.</returns> internal bool CheckItemsSecurity(ProjectShim projectShim, IList <string> itemsToCheck, out string reasonForFailure) { reasonForFailure = String.Empty; // If nothing to check assume that everything is ok. if (itemsToCheck == null) { return(true); } Debug.Assert(projectShim != null, "Cannot check the items if no project has been defined!"); foreach (string itemName in itemsToCheck) { BuildItemGroupShim group = projectShim.GetEvaluatedItemsByNameIgnoringCondition(itemName); if (group != null) { IEnumerator enumerator = group.GetEnumerator(); while (enumerator.MoveNext()) { BuildItemShim item = enumerator.Current as BuildItemShim; string finalItem = item.FinalItemSpec; if (!String.IsNullOrEmpty(finalItem)) { // Perform the actual check - start with normalizing the path. Relative paths // should be treated as relative to the project file. string fullPath = this.GetFullPath(finalItem); // If the fullpath of the item is suspiciously short do not check it. if (fullPath.Length >= 3) { Uri uri = null; // If we cannot create a uri from the item path return with the error if (!Uri.TryCreate(fullPath, UriKind.Absolute, out uri)) { reasonForFailure = fullPath; return(false); } // Check if the item points to a network share if (uri.IsUnc) { reasonForFailure = fullPath; return(false); } // Check if the item is located in a drive root directory if (uri.Segments.Length == 3 && uri.Segments[1] == ":" && uri.Segments[2][0] == Path.DirectorySeparatorChar) { reasonForFailure = fullPath; return(false); } //Check if the item is not in a special folder. foreach (Uri specialFolder in this.specialFolders) { if (ItemSecurityChecker.IsItemInCone(uri, specialFolder)) { reasonForFailure = fullPath; return(false); } } } else { reasonForFailure = fullPath; return(false); } } } } } return(true); }
internal bool IsProjectSafe(string dangerousItemsPropertyName, string defaultDangerousItems, ProjectShim mainProject, ProjectShim userProject, SecurityCheckPass pass, out string reasonFailed, out bool isUserFile) { reasonFailed = string.Empty; isUserFile = false; string[] nonImportedItems = null; string[] nonImportedTargetNames = null; switch (pass) { case SecurityCheckPass.Targets: if (mainProject != null) { nonImportedItems = GetNonImportedTargetNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedTargetNames(userProject); } break; case SecurityCheckPass.Properties: if (mainProject != null) { nonImportedItems = GetNonImportedPropertyNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedPropertyNames(userProject); } break; case SecurityCheckPass.Items: if (mainProject != null) { nonImportedItems = GetNonImportedItemNames(mainProject); } if (userProject != null) { nonImportedTargetNames = GetNonImportedItemNames(userProject); } break; default: return(false); } Dictionary <string, string> dangerousItems = CreateDangerousItemHashtable(defaultDangerousItems + mainProject.GetEvaluatedProperty(dangerousItemsPropertyName)); bool flag = IsProjectSafeHelper(nonImportedItems, dangerousItems, out reasonFailed); if (!flag) { isUserFile = false; return(false); } bool flag2 = IsProjectSafeHelper(nonImportedTargetNames, dangerousItems, out reasonFailed); if (!flag2) { isUserFile = true; return(false); } return(flag && flag2); }