Пример #1
0
        [System.Security.SecurityCritical]  // auto-generated
        // [ResourceExposure(ResourceScope.Machine)]
        // [ResourceConsumption(ResourceScope.Machine)]
        internal static AssemblyBuilder InternalDefineDynamicAssembly(
            AssemblyName name,
            AssemblyBuilderAccess access,
            String dir,
            Evidence evidence,
            PermissionSet requiredPermissions,
            PermissionSet optionalPermissions,
            PermissionSet refusedPermissions,
            ref StackCrawlMark stackMark,
            IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
            SecurityContextSource securityContextSource)
        {
            // if (evidence != null && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
            //    throw new NotSupportedException(("NotSupported_RequiresCasPolicyExplicit"));

            lock (typeof(AssemblyBuilderLock))
            {
                // we can only create dynamic assemblies in the current domain
                return(default(AssemblyBuilder));

                /*
                 * return new AssemblyBuilder(AppDomain.CurrentDomain,
                 *                         name,
                 *                         access,
                 *                         dir,
                 *                         evidence,
                 *                         requiredPermissions,
                 *                         optionalPermissions,
                 *                         refusedPermissions,
                 *                         ref stackMark,
                 *                         unsafeAssemblyAttributes,
                 *                         securityContextSource); */
            } //lock(typeof(AssemblyBuilderLock))
        }
Пример #2
0
 internal static AssemblyBuilder InternalDefineDynamicAssembly(
     AssemblyName name,
     AssemblyBuilderAccess access,
     String dir,
     Evidence evidence,
     PermissionSet requiredPermissions,
     PermissionSet optionalPermissions,
     PermissionSet refusedPermissions,
     ref StackCrawlMark stackMark,
     IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
     SecurityContextSource securityContextSource)
 {
     lock (typeof(AssemblyBuilderLock))
     {
         // we can only create dynamic assemblies in the current domain
         return(new AssemblyBuilder(AppDomain.CurrentDomain,
                                    name,
                                    access,
                                    dir,
                                    evidence,
                                    requiredPermissions,
                                    optionalPermissions,
                                    refusedPermissions,
                                    ref stackMark,
                                    unsafeAssemblyAttributes,
                                    securityContextSource));
     } //lock(typeof(AssemblyBuilderLock))
 }
Пример #3
0
 private static extern Assembly nCreateDynamicAssembly(AppDomain domain,
                                                       AssemblyName name,
                                                       Evidence identity,
                                                       ref StackCrawlMark stackMark,
                                                       byte[] securityRulesBlob,
                                                       byte[] aptcaBlob,
                                                       AssemblyBuilderAccess access,
                                                       DynamicAssemblyFlags flags,
                                                       SecurityContextSource securityContextSource);
        public static Assembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
        {
            if ((securityContextSource < SecurityContextSource.CurrentAppDomain) || (securityContextSource > SecurityContextSource.CurrentAssembly))
            {
                throw new ArgumentOutOfRangeException("securityContextSource");
            }
            StackCrawlMark lookForMyCaller = StackCrawlMark.LookForMyCaller;

            return(RuntimeAssembly.nLoadImage(rawAssembly, rawSymbolStore, null, ref lookForMyCaller, false, securityContextSource));
        }
Пример #5
0
        [System.Security.SecurityCritical]  // auto-generated
        internal static AssemblyBuilder InternalDefineDynamicAssembly(
            AssemblyName name,
            AssemblyBuilderAccess access,
            String dir,
            Evidence evidence,
            PermissionSet requiredPermissions,
            PermissionSet optionalPermissions,
            PermissionSet refusedPermissions,
            ref StackCrawlMark stackMark,
            IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
            SecurityContextSource securityContextSource)
        {
#if FEATURE_CAS_POLICY
            if (evidence != null && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyExplicit"));
            }
#endif // FEATURE_CAS_POLICY

            lock (typeof(AssemblyBuilderLock))
            {
                // we can only create dynamic assemblies in the current domain
                return new AssemblyBuilder(AppDomain.CurrentDomain,
                                           name,
                                           access,
                                           dir,
                                           evidence,
                                           requiredPermissions,
                                           optionalPermissions,
                                           refusedPermissions,
                                           ref stackMark,
                                           unsafeAssemblyAttributes,
                                           securityContextSource);
            } //lock(typeof(AssemblyBuilderLock))
        }
Пример #6
0
 private static extern Assembly nCreateDynamicAssembly(AppDomain domain,
                                                       AssemblyName name,
                                                       Evidence identity,
                                                       ref StackCrawlMark stackMark,
                                                       PermissionSet requiredPermissions,
                                                       PermissionSet optionalPermissions,
                                                       PermissionSet refusedPermissions,
                                                       byte[] securityRulesBlob,
                                                       byte[] aptcaBlob,
                                                       AssemblyBuilderAccess access,
                                                       DynamicAssemblyFlags flags,
                                                       SecurityContextSource securityContextSource);
Пример #7
0
        [System.Security.SecurityCritical]  // auto-generated
        internal AssemblyBuilder(AppDomain domain,
                                 AssemblyName name,
                                 AssemblyBuilderAccess access,
                                 String dir,
                                 Evidence evidence,
                                 PermissionSet requiredPermissions,
                                 PermissionSet optionalPermissions,
                                 PermissionSet refusedPermissions,
                                 ref StackCrawlMark stackMark,
                                 IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
                                 SecurityContextSource securityContextSource)
        {
            if (name == null)
                throw new ArgumentNullException("name");

            if (access != AssemblyBuilderAccess.Run
#if !FEATURE_CORECLR
                && access != AssemblyBuilderAccess.Save
                && access != AssemblyBuilderAccess.RunAndSave
#endif // !FEATURE_CORECLR
#if FEATURE_REFLECTION_ONLY_LOAD
                && access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
#if FEATURE_COLLECTIBLE_TYPES
                && access != AssemblyBuilderAccess.RunAndCollect
#endif // FEATURE_COLLECTIBLE_TYPES
                )
            {
                throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), "access");
            }

            if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
                securityContextSource > SecurityContextSource.CurrentAssembly)
            {
                throw new ArgumentOutOfRangeException("securityContextSource");
            }

            // Clone the name in case the caller modifies it underneath us.
            name = (AssemblyName)name.Clone();
            
#if !FEATURE_CORECLR
            // Set the public key from the key pair if one has been provided.
            // (Overwite any public key in the Assembly name, since it's no
            // longer valid to have a disparity).
            if (name.KeyPair != null)
                name.SetPublicKey(name.KeyPair.PublicKey);
#endif

            // If the caller is trusted they can supply identity
            // evidence for the new assembly. Otherwise we copy the
            // current grant and deny sets from the caller's assembly,
            // inject them into the new assembly and mark policy as
            // resolved. If/when the assembly is persisted and
            // reloaded, the normal rules for gathering evidence will
            // be used.
            if (evidence != null)
#pragma warning disable 618
                new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
#pragma warning restore 618

#if FEATURE_COLLECTIBLE_TYPES && !FEATURE_CORECLR
            // Collectible assemblies require FullTrust. This demand may be removed if we deem the
            // feature robust enough to be used directly by untrusted API consumers.
            if (access == AssemblyBuilderAccess.RunAndCollect)
                new PermissionSet(PermissionState.Unrestricted).Demand();
#endif // FEATURE_COLLECTIBLE_TYPES && !FEATURE_CORECLR

            // Scan the assembly level attributes for any attributes which modify how we create the
            // assembly. Currently, we look for any attribute which modifies the security transparency
            // of the assembly.
            List<CustomAttributeBuilder> assemblyAttributes = null;
            DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
            byte[] securityRulesBlob = null;
            byte[] aptcaBlob = null;
            if (unsafeAssemblyAttributes != null)
            {
                // Create a copy to ensure that it cannot be modified from another thread
                // as it is used further below.
                assemblyAttributes = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);

#pragma warning disable 618 // We deal with legacy attributes here as well for compat
                foreach (CustomAttributeBuilder attribute in assemblyAttributes)
                {
                    if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.Transparent;
                    }
                    else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
                    {
#if !FEATURE_CORECLR
                        SecurityCriticalScope scope = SecurityCriticalScope.Everything;
                        if (attribute.m_constructorArgs != null &&
                            attribute.m_constructorArgs.Length == 1 &&
                            attribute.m_constructorArgs[0] is SecurityCriticalScope)
                        {
                            scope = (SecurityCriticalScope)attribute.m_constructorArgs[0];
                        }

                        assemblyFlags |= DynamicAssemblyFlags.Critical;
                        if (scope == SecurityCriticalScope.Everything)
#endif // !FEATURE_CORECLR
                        {
                            assemblyFlags |= DynamicAssemblyFlags.AllCritical;
                        }
                    }
#if !FEATURE_CORECLR
                    else if (attribute.m_con.DeclaringType == typeof(SecurityRulesAttribute))
                    {
                        securityRulesBlob = new byte[attribute.m_blob.Length];
                        Buffer.BlockCopy(attribute.m_blob, 0, securityRulesBlob, 0, securityRulesBlob.Length);
                    }
                    else if (attribute.m_con.DeclaringType == typeof(SecurityTreatAsSafeAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.TreatAsSafe;
                    }
#endif // !FEATURE_CORECLR
#if FEATURE_APTCA
                    else if (attribute.m_con.DeclaringType == typeof(AllowPartiallyTrustedCallersAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.Aptca;
                        aptcaBlob = new byte[attribute.m_blob.Length];
                        Buffer.BlockCopy(attribute.m_blob, 0, aptcaBlob, 0, aptcaBlob.Length);
                    }
#endif // FEATURE_APTCA
                }
#pragma warning restore 618
            }

            m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
                                                                                        name,
                                                                                        evidence,
                                                                                        ref stackMark,
                                                                                        requiredPermissions,
                                                                                        optionalPermissions,
                                                                                        refusedPermissions,
                                                                                        securityRulesBlob,
                                                                                        aptcaBlob,
                                                                                        access,
                                                                                        assemblyFlags,
                                                                                        securityContextSource);

            m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
                                                     name.Name,
                                                     access,
                                                     dir);
            m_assemblyData.AddPermissionRequests(requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions);

#if FEATURE_APPX
            if (AppDomain.ProfileAPICheck)
            {
                RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
                if (creator != null && !creator.IsFrameworkAssembly())
                    m_profileAPICheck = true;
            }
#endif
            // Make sure that ManifestModule is properly initialized
            // We need to do this before setting any CustomAttribute
            InitManifestModule();

            if (assemblyAttributes != null)
            {
                foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
                    SetCustomAttribute(assemblyAttribute);
            }
        }
Пример #8
0
        internal AssemblyBuilder(AppDomain domain,
                                 AssemblyName name,
                                 AssemblyBuilderAccess access,
                                 String dir,
                                 Evidence evidence,
                                 PermissionSet requiredPermissions,
                                 PermissionSet optionalPermissions,
                                 PermissionSet refusedPermissions,
                                 ref StackCrawlMark stackMark,
                                 IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
                                 SecurityContextSource securityContextSource)
        {
            if (name == null)
                throw new ArgumentNullException(nameof(name));

            if (access != AssemblyBuilderAccess.Run
#if FEATURE_REFLECTION_ONLY_LOAD
                && access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
#if FEATURE_COLLECTIBLE_TYPES
                && access != AssemblyBuilderAccess.RunAndCollect
#endif // FEATURE_COLLECTIBLE_TYPES
                )
            {
                throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
            }

            if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
                securityContextSource > SecurityContextSource.CurrentAssembly)
            {
                throw new ArgumentOutOfRangeException(nameof(securityContextSource));
            }

            // Clone the name in case the caller modifies it underneath us.
            name = (AssemblyName)name.Clone();

            // If the caller is trusted they can supply identity
            // evidence for the new assembly. Otherwise we copy the
            // current grant and deny sets from the caller's assembly,
            // inject them into the new assembly and mark policy as
            // resolved. If/when the assembly is persisted and
            // reloaded, the normal rules for gathering evidence will
            // be used.
            if (evidence != null)
#pragma warning disable 618
                new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
#pragma warning restore 618

            // Scan the assembly level attributes for any attributes which modify how we create the
            // assembly. Currently, we look for any attribute which modifies the security transparency
            // of the assembly.
            List<CustomAttributeBuilder> assemblyAttributes = null;
            DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
            byte[] securityRulesBlob = null;
            byte[] aptcaBlob = null;
            if (unsafeAssemblyAttributes != null)
            {
                // Create a copy to ensure that it cannot be modified from another thread
                // as it is used further below.
                assemblyAttributes = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);

#pragma warning disable 618 // We deal with legacy attributes here as well for compat
                foreach (CustomAttributeBuilder attribute in assemblyAttributes)
                {
                    if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.Transparent;
                    }
                    else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
                    {
                        {
                            assemblyFlags |= DynamicAssemblyFlags.AllCritical;
                        }
                    }
                }
#pragma warning restore 618
            }

            m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
                                                                                        name,
                                                                                        evidence,
                                                                                        ref stackMark,
                                                                                        requiredPermissions,
                                                                                        optionalPermissions,
                                                                                        refusedPermissions,
                                                                                        securityRulesBlob,
                                                                                        aptcaBlob,
                                                                                        access,
                                                                                        assemblyFlags,
                                                                                        securityContextSource);

            m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
                                                     name.Name,
                                                     access,
                                                     dir);
            m_assemblyData.AddPermissionRequests(requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions);

#if FEATURE_APPX
            if (AppDomain.ProfileAPICheck)
            {
                RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
                if (creator != null && !creator.IsFrameworkAssembly())
                    m_profileAPICheck = true;
            }
#endif
            // Make sure that ManifestModule is properly initialized
            // We need to do this before setting any CustomAttribute
            InitManifestModule();

            if (assemblyAttributes != null)
            {
                foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
                    SetCustomAttribute(assemblyAttribute);
            }
        }
Пример #9
0
        [MethodImpl(MethodImplOptions.NoInlining)]  // Due to the stack crawl mark
        public static Assembly Load(byte[] rawAssembly,
                                    byte[] rawSymbolStore,
                                    SecurityContextSource securityContextSource)
        {

            Contract.Ensures(Contract.Result<Assembly>() != null);
            Contract.Ensures(!Contract.Result<Assembly>().ReflectionOnly);

            AppDomain.CheckLoadByteArraySupported();

            if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
                securityContextSource > SecurityContextSource.CurrentAssembly)
            {
                throw new ArgumentOutOfRangeException("securityContextSource");
            }

            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.nLoadImage(rawAssembly,
                                              rawSymbolStore,
                                              null,             // evidence
                                              ref stackMark,
                                              false,            // fIntrospection
                                              securityContextSource);
        }
Пример #10
0
		public static Assembly Load (byte [] rawAssembly, byte [] rawSymbolStore, SecurityContextSource securityContextSource)
		{
			return AppDomain.CurrentDomain.Load (rawAssembly, rawSymbolStore);
		}
Пример #11
0
		public AssemblyBuilder DefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, IEnumerable<CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
		{
			StackCrawlMark stackCrawlMark = StackCrawlMark.LookForMyCaller;
			return this.InternalDefineDynamicAssembly(name, access, null, null, null, null, null, ref stackCrawlMark, assemblyAttributes, securityContextSource);
		}
 internal static AssemblyBuilder InternalDefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref StackCrawlMark stackMark, IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes, SecurityContextSource securityContextSource)
 {
     if ((evidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
     {
         throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyExplicit"));
     }
     lock (typeof(AssemblyBuilderLock))
     {
         return new AssemblyBuilder(AppDomain.CurrentDomain, name, access, dir, evidence, requiredPermissions, optionalPermissions, refusedPermissions, ref stackMark, unsafeAssemblyAttributes, securityContextSource);
     }
 }
Пример #13
0
 public IAssembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
 {
     return(new AssemblyWrap(Assembly.Load(rawAssembly, rawSymbolStore, securityContextSource)));
 }
 internal AssemblyBuilder(AppDomain domain, AssemblyName name, AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref StackCrawlMark stackMark, IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes, SecurityContextSource securityContextSource)
 {
     if (name == null)
     {
         throw new ArgumentNullException("name");
     }
     if ((((access != AssemblyBuilderAccess.Run) && (access != AssemblyBuilderAccess.Save)) && ((access != AssemblyBuilderAccess.RunAndSave) && (access != AssemblyBuilderAccess.ReflectionOnly))) && (access != AssemblyBuilderAccess.RunAndCollect))
     {
         throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", new object[] { (int) access }), "access");
     }
     if ((securityContextSource < SecurityContextSource.CurrentAppDomain) || (securityContextSource > SecurityContextSource.CurrentAssembly))
     {
         throw new ArgumentOutOfRangeException("securityContextSource");
     }
     if (name.KeyPair != null)
     {
         name.SetPublicKey(name.KeyPair.PublicKey);
     }
     if (evidence != null)
     {
         new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
     }
     if (access == AssemblyBuilderAccess.RunAndCollect)
     {
         new System.Security.PermissionSet(PermissionState.Unrestricted).Demand();
     }
     List<CustomAttributeBuilder> list = null;
     DynamicAssemblyFlags none = DynamicAssemblyFlags.None;
     byte[] destinationArray = null;
     byte[] buffer2 = null;
     if (unsafeAssemblyAttributes != null)
     {
         list = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);
         foreach (CustomAttributeBuilder builder in list)
         {
             if (builder.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
             {
                 none |= DynamicAssemblyFlags.Transparent;
             }
             else if (builder.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
             {
                 SecurityCriticalScope everything = SecurityCriticalScope.Everything;
                 if (((builder.m_constructorArgs != null) && (builder.m_constructorArgs.Length == 1)) && (builder.m_constructorArgs[0] is SecurityCriticalScope))
                 {
                     everything = (SecurityCriticalScope) builder.m_constructorArgs[0];
                 }
                 none |= DynamicAssemblyFlags.Critical;
                 if (everything == SecurityCriticalScope.Everything)
                 {
                     none |= DynamicAssemblyFlags.AllCritical;
                 }
             }
             else if (builder.m_con.DeclaringType == typeof(SecurityRulesAttribute))
             {
                 destinationArray = new byte[builder.m_blob.Length];
                 Array.Copy(builder.m_blob, destinationArray, destinationArray.Length);
             }
             else if (builder.m_con.DeclaringType == typeof(SecurityTreatAsSafeAttribute))
             {
                 none |= DynamicAssemblyFlags.TreatAsSafe;
             }
             else if (builder.m_con.DeclaringType == typeof(AllowPartiallyTrustedCallersAttribute))
             {
                 none |= DynamicAssemblyFlags.Aptca;
                 buffer2 = new byte[builder.m_blob.Length];
                 Array.Copy(builder.m_blob, buffer2, buffer2.Length);
             }
         }
     }
     this.m_internalAssemblyBuilder = (InternalAssemblyBuilder) nCreateDynamicAssembly(domain, name, evidence, ref stackMark, requiredPermissions, optionalPermissions, refusedPermissions, destinationArray, buffer2, access, none, securityContextSource);
     this.m_assemblyData = new AssemblyBuilderData(this.m_internalAssemblyBuilder, name.Name, access, dir);
     this.m_assemblyData.AddPermissionRequests(requiredPermissions, optionalPermissions, refusedPermissions);
     this.InitManifestModule();
     if (list != null)
     {
         foreach (CustomAttributeBuilder builder2 in list)
         {
             this.SetCustomAttribute(builder2);
         }
     }
 }
Пример #15
0
        internal AssemblyBuilder(AppDomain domain,
                                 AssemblyName name,
                                 AssemblyBuilderAccess access,
                                 String dir,
                                 Evidence evidence,
                                 ref StackCrawlMark stackMark,
                                 IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
                                 SecurityContextSource securityContextSource)
        {
            if (name == null)
            {
                throw new ArgumentNullException(nameof(name));
            }

            if (access != AssemblyBuilderAccess.Run &&
                access != AssemblyBuilderAccess.RunAndCollect
                )
            {
                throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
            }

            if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
                securityContextSource > SecurityContextSource.CurrentAssembly)
            {
                throw new ArgumentOutOfRangeException(nameof(securityContextSource));
            }

            // Clone the name in case the caller modifies it underneath us.
            name = (AssemblyName)name.Clone();

            // Scan the assembly level attributes for any attributes which modify how we create the
            // assembly. Currently, we look for any attribute which modifies the security transparency
            // of the assembly.
            List <CustomAttributeBuilder> assemblyAttributes = null;
            DynamicAssemblyFlags          assemblyFlags      = DynamicAssemblyFlags.None;

            byte[] securityRulesBlob = null;
            byte[] aptcaBlob         = null;
            if (unsafeAssemblyAttributes != null)
            {
                // Create a copy to ensure that it cannot be modified from another thread
                // as it is used further below.
                assemblyAttributes = new List <CustomAttributeBuilder>(unsafeAssemblyAttributes);

#pragma warning disable 618 // We deal with legacy attributes here as well for compat
                foreach (CustomAttributeBuilder attribute in assemblyAttributes)
                {
                    if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.Transparent;
                    }
                    else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
                    {
                        {
                            assemblyFlags |= DynamicAssemblyFlags.AllCritical;
                        }
                    }
                }
#pragma warning restore 618
            }

            m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
                                                                                        name,
                                                                                        evidence,
                                                                                        ref stackMark,
                                                                                        securityRulesBlob,
                                                                                        aptcaBlob,
                                                                                        access,
                                                                                        assemblyFlags,
                                                                                        securityContextSource);

            m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
                                                     name.Name,
                                                     access,
                                                     dir);

            // Make sure that ManifestModule is properly initialized
            // We need to do this before setting any CustomAttribute
            InitManifestModule();

            if (assemblyAttributes != null)
            {
                foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
                {
                    SetCustomAttribute(assemblyAttribute);
                }
            }
        }
Пример #16
0
 internal static AssemblyBuilder InternalDefineDynamicAssembly(
     AssemblyName name,
     AssemblyBuilderAccess access,
     String dir,
     Evidence evidence,
     PermissionSet requiredPermissions,
     PermissionSet optionalPermissions,
     PermissionSet refusedPermissions,
     ref StackCrawlMark stackMark,
     IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
     SecurityContextSource securityContextSource)
 {
     lock (typeof(AssemblyBuilderLock))
     {
         // we can only create dynamic assemblies in the current domain
         return new AssemblyBuilder(AppDomain.CurrentDomain,
                                    name,
                                    access,
                                    dir,
                                    evidence,
                                    requiredPermissions,
                                    optionalPermissions,
                                    refusedPermissions,
                                    ref stackMark,
                                    unsafeAssemblyAttributes,
                                    securityContextSource);
     } //lock(typeof(AssemblyBuilderLock))
 }
Пример #17
0
 public IAssembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
 {
     return new AssemblyWrap(Assembly.Load(rawAssembly, rawSymbolStore, securityContextSource));
 }
Пример #18
0
        [MethodImpl(MethodImplOptions.NoInlining)]  // Due to the stack crawl mark
        public static Assembly Load(byte[] rawAssembly,
                                    byte[] rawSymbolStore,
                                    SecurityContextSource securityContextSource) 
        {
            if (securityContextSource < SecurityContextSource.CurrentAppDomain || 
                securityContextSource > SecurityContextSource.CurrentAssembly) 
            {
                throw new ArgumentOutOfRangeException("securityContextSource"); 
            }

            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.nLoadImage(rawAssembly, 
                                              rawSymbolStore,
                                              null,             // evidence 
                                              ref stackMark, 
                                              false,            // fIntrospection
                                              securityContextSource); 
        }
Пример #19
0
		public AssemblyBuilder DefineDynamicAssembly (AssemblyName name, AssemblyBuilderAccess access, IEnumerable<CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
		{
			return DefineDynamicAssembly (name, access, assemblyAttributes);
		}
Пример #20
0
 static internal extern Assembly nLoadImage(byte[] rawAssembly,
                                            byte[] rawSymbolStore,
                                            Evidence evidence,
                                            ref StackCrawlMark stackMark,
                                            bool fIntrospection,
                                            SecurityContextSource securityContextSource);
Пример #21
0
 static internal extern RuntimeAssembly nLoadImage(byte[] rawAssembly,
                                                   byte[] rawSymbolStore,
                                                   Evidence evidence,
                                                   ref StackCrawlMark stackMark,
                                                   bool fIntrospection,
                                                   SecurityContextSource securityContextSource);
Пример #22
0
        public AssemblyBuilder DefineDynamicAssembly(AssemblyName name,
                                                     AssemblyBuilderAccess access,
                                                     IEnumerable<CustomAttributeBuilder> assemblyAttributes,
                                                     SecurityContextSource securityContextSource)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);

            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 null, null, null, null, null,
                                                 ref stackMark,
                                                 assemblyAttributes,
                                                 securityContextSource);
        }
Пример #23
0
        internal AssemblyBuilder(AppDomain domain,
                                 AssemblyName name,
                                 AssemblyBuilderAccess access,
                                 String dir,
                                 Evidence evidence,
                                 PermissionSet requiredPermissions,
                                 PermissionSet optionalPermissions,
                                 PermissionSet refusedPermissions,
                                 ref StackCrawlMark stackMark,
                                 IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
                                 SecurityContextSource securityContextSource)
        {
            if (name == null)
            {
                throw new ArgumentNullException(nameof(name));
            }

            if (access != AssemblyBuilderAccess.Run
#if FEATURE_REFLECTION_ONLY_LOAD
                && access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
                && access != AssemblyBuilderAccess.RunAndCollect
                )
            {
                throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
            }

            if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
                securityContextSource > SecurityContextSource.CurrentAssembly)
            {
                throw new ArgumentOutOfRangeException(nameof(securityContextSource));
            }

            // Clone the name in case the caller modifies it underneath us.
            name = (AssemblyName)name.Clone();

            // If the caller is trusted they can supply identity
            // evidence for the new assembly. Otherwise we copy the
            // current grant and deny sets from the caller's assembly,
            // inject them into the new assembly and mark policy as
            // resolved. If/when the assembly is persisted and
            // reloaded, the normal rules for gathering evidence will
            // be used.
            if (evidence != null)
#pragma warning disable 618
            {
                new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
            }
#pragma warning restore 618

            // Scan the assembly level attributes for any attributes which modify how we create the
            // assembly. Currently, we look for any attribute which modifies the security transparency
            // of the assembly.
            List <CustomAttributeBuilder> assemblyAttributes = null;
            DynamicAssemblyFlags          assemblyFlags      = DynamicAssemblyFlags.None;
            byte[] securityRulesBlob = null;
            byte[] aptcaBlob         = null;
            if (unsafeAssemblyAttributes != null)
            {
                // Create a copy to ensure that it cannot be modified from another thread
                // as it is used further below.
                assemblyAttributes = new List <CustomAttributeBuilder>(unsafeAssemblyAttributes);

#pragma warning disable 618 // We deal with legacy attributes here as well for compat
                foreach (CustomAttributeBuilder attribute in assemblyAttributes)
                {
                    if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
                    {
                        assemblyFlags |= DynamicAssemblyFlags.Transparent;
                    }
                    else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
                    {
                        {
                            assemblyFlags |= DynamicAssemblyFlags.AllCritical;
                        }
                    }
                }
#pragma warning restore 618
            }

            m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
                                                                                        name,
                                                                                        evidence,
                                                                                        ref stackMark,
                                                                                        requiredPermissions,
                                                                                        optionalPermissions,
                                                                                        refusedPermissions,
                                                                                        securityRulesBlob,
                                                                                        aptcaBlob,
                                                                                        access,
                                                                                        assemblyFlags,
                                                                                        securityContextSource);

            m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
                                                     name.Name,
                                                     access,
                                                     dir);
            m_assemblyData.AddPermissionRequests(requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions);

#if FEATURE_APPX
            if (AppDomain.ProfileAPICheck)
            {
                RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
                if (creator != null && !creator.IsFrameworkAssembly())
                {
                    m_profileAPICheck = true;
                }
            }
#endif
            // Make sure that ManifestModule is properly initialized
            // We need to do this before setting any CustomAttribute
            InitManifestModule();

            if (assemblyAttributes != null)
            {
                foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
                {
                    SetCustomAttribute(assemblyAttribute);
                }
            }
        }
Пример #24
0
        public static void Run(string typeName, string methodName, string fieldName, string propertyName, string moduleName,
                               byte[] data, string name, string path, AssemblyName assemblyName,
                               Evidence evidence, SecurityContextSource contextSource)
        {
            //Assembly.Load(...) // Questionable
            Assembly.Load(assemblyName);
//          ^^^^^^^^^^^^^^^^^^^^^^^^^^^     {{Make sure that this dynamic injection or execution of code is safe.}}
            Assembly.Load(data);                        // Noncompliant
            Assembly.Load(assemblyName, evidence);      // Noncompliant
            Assembly.Load(data, data);                  // Noncompliant
            Assembly.Load(name, evidence);              // Noncompliant
            Assembly.Load(data, data, evidence);        // Noncompliant
            Assembly.Load(data, data, contextSource);   // Noncompliant

            //Assembly.LoadFile(...) // Questionable
            Assembly.LoadFile(path);                // Noncompliant
            Assembly.LoadFile(path, evidence);      // Noncompliant

            //Assembly.LoadFrom(...) // Questionable
            Assembly.LoadFrom(path);                                                                             // Noncompliant
            Assembly.LoadFrom(path, evidence);                                                                   // Noncompliant
            Assembly.LoadFrom(path, data, System.Configuration.Assemblies.AssemblyHashAlgorithm.MD5);            // Noncompliant
            Assembly.LoadFrom(path, evidence, data, System.Configuration.Assemblies.AssemblyHashAlgorithm.None); // Noncompliant

            //Assembly.LoadWithPartialName(...) // Questionable + deprecated
            Assembly.LoadWithPartialName(name);             // Noncompliant
            Assembly.LoadWithPartialName(name, evidence);   // Noncompliant

            //Assembly.ReflectionOnlyLoad(...)  ' This is OK as the resulting type is not executable.
            Assembly.ReflectionOnlyLoad(data);
            Assembly.ReflectionOnlyLoad(name);

            Assembly assembly = typeof(TestReflection).Assembly;

            // Review this code to make sure that the module, type, method and field are safe
            Type type = assembly.GetType(typeName);

//                      ^^^^^^^^^^^^^^^^^^^^^^^^^^     {{Make sure that this dynamic injection or execution of code is safe.}}


            type = assembly.GetType(typeName, false);                            // Noncompliant
            type = assembly.GetType(typeName, false, false);                     // Noncompliant
            Module module = assembly.GetModule(moduleName);                      // Noncompliant

            type = Type.GetType(typeName);                                       // Noncompliant
            type = Type.GetType(typeName, true);                                 // Noncompliant
            type = Type.GetType(typeName, true, true);                           // Noncompliant

            type = type.GetNestedType(typeName);                                 // Noncompliant
            type = type.GetNestedType(typeName, BindingFlags.Instance);          // Noncompliant

            type = type.GetInterface(typeName);                                  // Noncompliant
            type = type.GetInterface(typeName, false);                           // Noncompliant

            MethodInfo method = type.GetMethod(methodName);                      // Noncompliant

            method = type.GetMethod(methodName, BindingFlags.IgnoreReturn);      // Noncompliant
            method = type.GetMethod(methodName, new Type[] { });                 // Noncompliant

            FieldInfo field = type.GetField(fieldName);                          // Noncompliant

            field = type.GetField(fieldName, BindingFlags.SetField);             // Noncompliant

            PropertyInfo property = type.GetProperty(propertyName);              // Noncompliant

            property = type.GetProperty(propertyName, BindingFlags.SetProperty); // Noncompliant


            // Review this code to make sure that the modules, types, methods and fields are used safely
            Module[] modules = assembly.GetModules();           // Noncompliant
            modules = assembly.GetLoadedModules();              // Noncompliant
            modules = assembly.GetLoadedModules(false);         // Noncompliant

            Type[] types = assembly.GetTypes();                 // Noncompliant
            types = assembly.GetExportedTypes();                // Noncompliant

            // Only available in NET Core 2.1+
            //types = assembly.GetForwardedTypes(); // Questionable

            types = type.GetNestedTypes();                      // Noncompliant
            types = type.GetNestedTypes(BindingFlags.Public);   // Noncompliant

            MethodInfo[]   methods    = type.GetMethods();      // Noncompliant
            FieldInfo[]    fields     = type.GetFields();       // Noncompliant
            PropertyInfo[] properties = type.GetProperties();   // Noncompliant
            MemberInfo[]   members    = type.GetMembers();      // Noncompliant
            members = type.GetMember(methodName);               // Noncompliant
            members = type.GetDefaultMembers();                 // Noncompliant

            //type.InvokeMember(...); // Questionable
            type.InvokeMember(methodName, BindingFlags.Public, null, null, null);                                         // Noncompliant
            type.InvokeMember(methodName, BindingFlags.Public, null, null, null, CultureInfo.CurrentCulture);             // Noncompliant
            type.InvokeMember(methodName, BindingFlags.Public, null, null, null, null, CultureInfo.CurrentCulture, null); // Noncompliant

            assembly.CreateInstance(typeName);                                                                            // Noncompliant
            assembly.CreateInstance(typeName, false);                                                                     // Noncompliant
            assembly.CreateInstance(typeName, false, BindingFlags.Public, null, null, CultureInfo.CurrentCulture, null);  // Noncompliant

            type = Type.ReflectionOnlyGetType(typeName, true, true);                                                      // This is OK as the resulting type is not executable.
        }
Пример #25
0
 public static Assembly Load(byte [] rawAssembly, byte [] rawSymbolStore, SecurityContextSource securityContextSource)
 {
     return(AppDomain.CurrentDomain.Load(rawAssembly, rawSymbolStore));
 }
Пример #26
0
 public AssemblyBuilder DefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, IEnumerable <CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
 {
     throw new PlatformNotSupportedException();
 }
Пример #27
0
 [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
 private AssemblyBuilder InternalDefineDynamicAssembly(
     AssemblyName name,
     AssemblyBuilderAccess access,
     String dir,
     Evidence evidence,
     PermissionSet requiredPermissions,
     PermissionSet optionalPermissions,
     PermissionSet refusedPermissions,
     ref StackCrawlMark stackMark,
     IEnumerable<CustomAttributeBuilder> assemblyAttributes,
     SecurityContextSource securityContextSource)
 {
     return AssemblyBuilder.InternalDefineDynamicAssembly(name,
                                                          access,
                                                          dir,
                                                          evidence,
                                                          requiredPermissions,
                                                          optionalPermissions,
                                                          refusedPermissions,
                                                          ref stackMark,
                                                          assemblyAttributes,
                                                          securityContextSource);
 }
Пример #28
0
 internal static extern RuntimeAssembly nLoadImage(byte[] rawAssembly, byte[] rawSymbolStore, System.Security.Policy.Evidence evidence, ref StackCrawlMark stackMark, bool fIntrospection, SecurityContextSource securityContextSource);