[System.Security.SecurityCritical] // auto-generated
// [ResourceExposure(ResourceScope.Machine)]
// [ResourceConsumption(ResourceScope.Machine)]
internal static AssemblyBuilder InternalDefineDynamicAssembly(
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
// if (evidence != null && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
// throw new NotSupportedException(("NotSupported_RequiresCasPolicyExplicit"));
lock (typeof(AssemblyBuilderLock))
{
// we can only create dynamic assemblies in the current domain
return(default(AssemblyBuilder));
/*
* return new AssemblyBuilder(AppDomain.CurrentDomain,
* name,
* access,
* dir,
* evidence,
* requiredPermissions,
* optionalPermissions,
* refusedPermissions,
* ref stackMark,
* unsafeAssemblyAttributes,
* securityContextSource); */
} //lock(typeof(AssemblyBuilderLock))
}
internal static AssemblyBuilder InternalDefineDynamicAssembly(
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
lock (typeof(AssemblyBuilderLock))
{
// we can only create dynamic assemblies in the current domain
return(new AssemblyBuilder(AppDomain.CurrentDomain,
name,
access,
dir,
evidence,
requiredPermissions,
optionalPermissions,
refusedPermissions,
ref stackMark,
unsafeAssemblyAttributes,
securityContextSource));
} //lock(typeof(AssemblyBuilderLock))
}
private static extern Assembly nCreateDynamicAssembly(AppDomain domain,
AssemblyName name,
Evidence identity,
ref StackCrawlMark stackMark,
byte[] securityRulesBlob,
byte[] aptcaBlob,
AssemblyBuilderAccess access,
DynamicAssemblyFlags flags,
SecurityContextSource securityContextSource);
public static Assembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
{
if ((securityContextSource < SecurityContextSource.CurrentAppDomain) || (securityContextSource > SecurityContextSource.CurrentAssembly))
{
throw new ArgumentOutOfRangeException("securityContextSource");
}
StackCrawlMark lookForMyCaller = StackCrawlMark.LookForMyCaller;
return(RuntimeAssembly.nLoadImage(rawAssembly, rawSymbolStore, null, ref lookForMyCaller, false, securityContextSource));
}
[System.Security.SecurityCritical] // auto-generated
internal static AssemblyBuilder InternalDefineDynamicAssembly(
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
#if FEATURE_CAS_POLICY
if (evidence != null && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyExplicit"));
}
#endif // FEATURE_CAS_POLICY
lock (typeof(AssemblyBuilderLock))
{
// we can only create dynamic assemblies in the current domain
return new AssemblyBuilder(AppDomain.CurrentDomain,
name,
access,
dir,
evidence,
requiredPermissions,
optionalPermissions,
refusedPermissions,
ref stackMark,
unsafeAssemblyAttributes,
securityContextSource);
} //lock(typeof(AssemblyBuilderLock))
}
private static extern Assembly nCreateDynamicAssembly(AppDomain domain,
AssemblyName name,
Evidence identity,
ref StackCrawlMark stackMark,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
byte[] securityRulesBlob,
byte[] aptcaBlob,
AssemblyBuilderAccess access,
DynamicAssemblyFlags flags,
SecurityContextSource securityContextSource);
[System.Security.SecurityCritical] // auto-generated
internal AssemblyBuilder(AppDomain domain,
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
if (name == null)
throw new ArgumentNullException("name");
if (access != AssemblyBuilderAccess.Run
#if !FEATURE_CORECLR
&& access != AssemblyBuilderAccess.Save
&& access != AssemblyBuilderAccess.RunAndSave
#endif // !FEATURE_CORECLR
#if FEATURE_REFLECTION_ONLY_LOAD
&& access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
#if FEATURE_COLLECTIBLE_TYPES
&& access != AssemblyBuilderAccess.RunAndCollect
#endif // FEATURE_COLLECTIBLE_TYPES
)
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), "access");
}
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException("securityContextSource");
}
// Clone the name in case the caller modifies it underneath us.
name = (AssemblyName)name.Clone();
#if !FEATURE_CORECLR
// Set the public key from the key pair if one has been provided.
// (Overwite any public key in the Assembly name, since it's no
// longer valid to have a disparity).
if (name.KeyPair != null)
name.SetPublicKey(name.KeyPair.PublicKey);
#endif
// If the caller is trusted they can supply identity
// evidence for the new assembly. Otherwise we copy the
// current grant and deny sets from the caller's assembly,
// inject them into the new assembly and mark policy as
// resolved. If/when the assembly is persisted and
// reloaded, the normal rules for gathering evidence will
// be used.
if (evidence != null)
#pragma warning disable 618
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
#pragma warning restore 618
#if FEATURE_COLLECTIBLE_TYPES && !FEATURE_CORECLR
// Collectible assemblies require FullTrust. This demand may be removed if we deem the
// feature robust enough to be used directly by untrusted API consumers.
if (access == AssemblyBuilderAccess.RunAndCollect)
new PermissionSet(PermissionState.Unrestricted).Demand();
#endif // FEATURE_COLLECTIBLE_TYPES && !FEATURE_CORECLR
// Scan the assembly level attributes for any attributes which modify how we create the
// assembly. Currently, we look for any attribute which modifies the security transparency
// of the assembly.
List<CustomAttributeBuilder> assemblyAttributes = null;
DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
byte[] securityRulesBlob = null;
byte[] aptcaBlob = null;
if (unsafeAssemblyAttributes != null)
{
// Create a copy to ensure that it cannot be modified from another thread
// as it is used further below.
assemblyAttributes = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);
#pragma warning disable 618 // We deal with legacy attributes here as well for compat
foreach (CustomAttributeBuilder attribute in assemblyAttributes)
{
if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.Transparent;
}
else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
{
#if !FEATURE_CORECLR
SecurityCriticalScope scope = SecurityCriticalScope.Everything;
if (attribute.m_constructorArgs != null &&
attribute.m_constructorArgs.Length == 1 &&
attribute.m_constructorArgs[0] is SecurityCriticalScope)
{
scope = (SecurityCriticalScope)attribute.m_constructorArgs[0];
}
assemblyFlags |= DynamicAssemblyFlags.Critical;
if (scope == SecurityCriticalScope.Everything)
#endif // !FEATURE_CORECLR
{
assemblyFlags |= DynamicAssemblyFlags.AllCritical;
}
}
#if !FEATURE_CORECLR
else if (attribute.m_con.DeclaringType == typeof(SecurityRulesAttribute))
{
securityRulesBlob = new byte[attribute.m_blob.Length];
Buffer.BlockCopy(attribute.m_blob, 0, securityRulesBlob, 0, securityRulesBlob.Length);
}
else if (attribute.m_con.DeclaringType == typeof(SecurityTreatAsSafeAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.TreatAsSafe;
}
#endif // !FEATURE_CORECLR
#if FEATURE_APTCA
else if (attribute.m_con.DeclaringType == typeof(AllowPartiallyTrustedCallersAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.Aptca;
aptcaBlob = new byte[attribute.m_blob.Length];
Buffer.BlockCopy(attribute.m_blob, 0, aptcaBlob, 0, aptcaBlob.Length);
}
#endif // FEATURE_APTCA
}
#pragma warning restore 618
}
m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
name,
evidence,
ref stackMark,
requiredPermissions,
optionalPermissions,
refusedPermissions,
securityRulesBlob,
aptcaBlob,
access,
assemblyFlags,
securityContextSource);
m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
name.Name,
access,
dir);
m_assemblyData.AddPermissionRequests(requiredPermissions,
optionalPermissions,
refusedPermissions);
#if FEATURE_APPX
if (AppDomain.ProfileAPICheck)
{
RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
if (creator != null && !creator.IsFrameworkAssembly())
m_profileAPICheck = true;
}
#endif
// Make sure that ManifestModule is properly initialized
// We need to do this before setting any CustomAttribute
InitManifestModule();
if (assemblyAttributes != null)
{
foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
SetCustomAttribute(assemblyAttribute);
}
}
internal AssemblyBuilder(AppDomain domain,
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
if (name == null)
throw new ArgumentNullException(nameof(name));
if (access != AssemblyBuilderAccess.Run
#if FEATURE_REFLECTION_ONLY_LOAD
&& access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
#if FEATURE_COLLECTIBLE_TYPES
&& access != AssemblyBuilderAccess.RunAndCollect
#endif // FEATURE_COLLECTIBLE_TYPES
)
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
}
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException(nameof(securityContextSource));
}
// Clone the name in case the caller modifies it underneath us.
name = (AssemblyName)name.Clone();
// If the caller is trusted they can supply identity
// evidence for the new assembly. Otherwise we copy the
// current grant and deny sets from the caller's assembly,
// inject them into the new assembly and mark policy as
// resolved. If/when the assembly is persisted and
// reloaded, the normal rules for gathering evidence will
// be used.
if (evidence != null)
#pragma warning disable 618
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
#pragma warning restore 618
// Scan the assembly level attributes for any attributes which modify how we create the
// assembly. Currently, we look for any attribute which modifies the security transparency
// of the assembly.
List<CustomAttributeBuilder> assemblyAttributes = null;
DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
byte[] securityRulesBlob = null;
byte[] aptcaBlob = null;
if (unsafeAssemblyAttributes != null)
{
// Create a copy to ensure that it cannot be modified from another thread
// as it is used further below.
assemblyAttributes = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);
#pragma warning disable 618 // We deal with legacy attributes here as well for compat
foreach (CustomAttributeBuilder attribute in assemblyAttributes)
{
if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.Transparent;
}
else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
{
{
assemblyFlags |= DynamicAssemblyFlags.AllCritical;
}
}
}
#pragma warning restore 618
}
m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
name,
evidence,
ref stackMark,
requiredPermissions,
optionalPermissions,
refusedPermissions,
securityRulesBlob,
aptcaBlob,
access,
assemblyFlags,
securityContextSource);
m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
name.Name,
access,
dir);
m_assemblyData.AddPermissionRequests(requiredPermissions,
optionalPermissions,
refusedPermissions);
#if FEATURE_APPX
if (AppDomain.ProfileAPICheck)
{
RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
if (creator != null && !creator.IsFrameworkAssembly())
m_profileAPICheck = true;
}
#endif
// Make sure that ManifestModule is properly initialized
// We need to do this before setting any CustomAttribute
InitManifestModule();
if (assemblyAttributes != null)
{
foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
SetCustomAttribute(assemblyAttribute);
}
}
[MethodImpl(MethodImplOptions.NoInlining)] // Due to the stack crawl mark
public static Assembly Load(byte[] rawAssembly,
byte[] rawSymbolStore,
SecurityContextSource securityContextSource)
{
Contract.Ensures(Contract.Result<Assembly>() != null);
Contract.Ensures(!Contract.Result<Assembly>().ReflectionOnly);
AppDomain.CheckLoadByteArraySupported();
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException("securityContextSource");
}
StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
return RuntimeAssembly.nLoadImage(rawAssembly,
rawSymbolStore,
null, // evidence
ref stackMark,
false, // fIntrospection
securityContextSource);
}
public static Assembly Load (byte [] rawAssembly, byte [] rawSymbolStore, SecurityContextSource securityContextSource)
{
return AppDomain.CurrentDomain.Load (rawAssembly, rawSymbolStore);
}
public AssemblyBuilder DefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, IEnumerable<CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
{
StackCrawlMark stackCrawlMark = StackCrawlMark.LookForMyCaller;
return this.InternalDefineDynamicAssembly(name, access, null, null, null, null, null, ref stackCrawlMark, assemblyAttributes, securityContextSource);
}
internal static AssemblyBuilder InternalDefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref StackCrawlMark stackMark, IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes, SecurityContextSource securityContextSource)
{
if ((evidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyExplicit"));
}
lock (typeof(AssemblyBuilderLock))
{
return new AssemblyBuilder(AppDomain.CurrentDomain, name, access, dir, evidence, requiredPermissions, optionalPermissions, refusedPermissions, ref stackMark, unsafeAssemblyAttributes, securityContextSource);
}
}
public IAssembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
{
return(new AssemblyWrap(Assembly.Load(rawAssembly, rawSymbolStore, securityContextSource)));
}
internal AssemblyBuilder(AppDomain domain, AssemblyName name, AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref StackCrawlMark stackMark, IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes, SecurityContextSource securityContextSource)
{
if (name == null)
{
throw new ArgumentNullException("name");
}
if ((((access != AssemblyBuilderAccess.Run) && (access != AssemblyBuilderAccess.Save)) && ((access != AssemblyBuilderAccess.RunAndSave) && (access != AssemblyBuilderAccess.ReflectionOnly))) && (access != AssemblyBuilderAccess.RunAndCollect))
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", new object[] { (int) access }), "access");
}
if ((securityContextSource < SecurityContextSource.CurrentAppDomain) || (securityContextSource > SecurityContextSource.CurrentAssembly))
{
throw new ArgumentOutOfRangeException("securityContextSource");
}
if (name.KeyPair != null)
{
name.SetPublicKey(name.KeyPair.PublicKey);
}
if (evidence != null)
{
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
}
if (access == AssemblyBuilderAccess.RunAndCollect)
{
new System.Security.PermissionSet(PermissionState.Unrestricted).Demand();
}
List<CustomAttributeBuilder> list = null;
DynamicAssemblyFlags none = DynamicAssemblyFlags.None;
byte[] destinationArray = null;
byte[] buffer2 = null;
if (unsafeAssemblyAttributes != null)
{
list = new List<CustomAttributeBuilder>(unsafeAssemblyAttributes);
foreach (CustomAttributeBuilder builder in list)
{
if (builder.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
{
none |= DynamicAssemblyFlags.Transparent;
}
else if (builder.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
{
SecurityCriticalScope everything = SecurityCriticalScope.Everything;
if (((builder.m_constructorArgs != null) && (builder.m_constructorArgs.Length == 1)) && (builder.m_constructorArgs[0] is SecurityCriticalScope))
{
everything = (SecurityCriticalScope) builder.m_constructorArgs[0];
}
none |= DynamicAssemblyFlags.Critical;
if (everything == SecurityCriticalScope.Everything)
{
none |= DynamicAssemblyFlags.AllCritical;
}
}
else if (builder.m_con.DeclaringType == typeof(SecurityRulesAttribute))
{
destinationArray = new byte[builder.m_blob.Length];
Array.Copy(builder.m_blob, destinationArray, destinationArray.Length);
}
else if (builder.m_con.DeclaringType == typeof(SecurityTreatAsSafeAttribute))
{
none |= DynamicAssemblyFlags.TreatAsSafe;
}
else if (builder.m_con.DeclaringType == typeof(AllowPartiallyTrustedCallersAttribute))
{
none |= DynamicAssemblyFlags.Aptca;
buffer2 = new byte[builder.m_blob.Length];
Array.Copy(builder.m_blob, buffer2, buffer2.Length);
}
}
}
this.m_internalAssemblyBuilder = (InternalAssemblyBuilder) nCreateDynamicAssembly(domain, name, evidence, ref stackMark, requiredPermissions, optionalPermissions, refusedPermissions, destinationArray, buffer2, access, none, securityContextSource);
this.m_assemblyData = new AssemblyBuilderData(this.m_internalAssemblyBuilder, name.Name, access, dir);
this.m_assemblyData.AddPermissionRequests(requiredPermissions, optionalPermissions, refusedPermissions);
this.InitManifestModule();
if (list != null)
{
foreach (CustomAttributeBuilder builder2 in list)
{
this.SetCustomAttribute(builder2);
}
}
}
internal AssemblyBuilder(AppDomain domain,
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
ref StackCrawlMark stackMark,
IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
if (name == null)
{
throw new ArgumentNullException(nameof(name));
}
if (access != AssemblyBuilderAccess.Run &&
access != AssemblyBuilderAccess.RunAndCollect
)
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
}
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException(nameof(securityContextSource));
}
// Clone the name in case the caller modifies it underneath us.
name = (AssemblyName)name.Clone();
// Scan the assembly level attributes for any attributes which modify how we create the
// assembly. Currently, we look for any attribute which modifies the security transparency
// of the assembly.
List <CustomAttributeBuilder> assemblyAttributes = null;
DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
byte[] securityRulesBlob = null;
byte[] aptcaBlob = null;
if (unsafeAssemblyAttributes != null)
{
// Create a copy to ensure that it cannot be modified from another thread
// as it is used further below.
assemblyAttributes = new List <CustomAttributeBuilder>(unsafeAssemblyAttributes);
#pragma warning disable 618 // We deal with legacy attributes here as well for compat
foreach (CustomAttributeBuilder attribute in assemblyAttributes)
{
if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.Transparent;
}
else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
{
{
assemblyFlags |= DynamicAssemblyFlags.AllCritical;
}
}
}
#pragma warning restore 618
}
m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
name,
evidence,
ref stackMark,
securityRulesBlob,
aptcaBlob,
access,
assemblyFlags,
securityContextSource);
m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
name.Name,
access,
dir);
// Make sure that ManifestModule is properly initialized
// We need to do this before setting any CustomAttribute
InitManifestModule();
if (assemblyAttributes != null)
{
foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
{
SetCustomAttribute(assemblyAttribute);
}
}
}
internal static AssemblyBuilder InternalDefineDynamicAssembly(
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable<CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
lock (typeof(AssemblyBuilderLock))
{
// we can only create dynamic assemblies in the current domain
return new AssemblyBuilder(AppDomain.CurrentDomain,
name,
access,
dir,
evidence,
requiredPermissions,
optionalPermissions,
refusedPermissions,
ref stackMark,
unsafeAssemblyAttributes,
securityContextSource);
} //lock(typeof(AssemblyBuilderLock))
}
public IAssembly Load(byte[] rawAssembly, byte[] rawSymbolStore, SecurityContextSource securityContextSource)
{
return new AssemblyWrap(Assembly.Load(rawAssembly, rawSymbolStore, securityContextSource));
}
[MethodImpl(MethodImplOptions.NoInlining)] // Due to the stack crawl mark
public static Assembly Load(byte[] rawAssembly,
byte[] rawSymbolStore,
SecurityContextSource securityContextSource)
{
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException("securityContextSource");
}
StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
return RuntimeAssembly.nLoadImage(rawAssembly,
rawSymbolStore,
null, // evidence
ref stackMark,
false, // fIntrospection
securityContextSource);
}
public AssemblyBuilder DefineDynamicAssembly (AssemblyName name, AssemblyBuilderAccess access, IEnumerable<CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
{
return DefineDynamicAssembly (name, access, assemblyAttributes);
}
static internal extern Assembly nLoadImage(byte[] rawAssembly,
byte[] rawSymbolStore,
Evidence evidence,
ref StackCrawlMark stackMark,
bool fIntrospection,
SecurityContextSource securityContextSource);
static internal extern RuntimeAssembly nLoadImage(byte[] rawAssembly,
byte[] rawSymbolStore,
Evidence evidence,
ref StackCrawlMark stackMark,
bool fIntrospection,
SecurityContextSource securityContextSource);
public AssemblyBuilder DefineDynamicAssembly(AssemblyName name,
AssemblyBuilderAccess access,
IEnumerable<CustomAttributeBuilder> assemblyAttributes,
SecurityContextSource securityContextSource)
{
Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
return InternalDefineDynamicAssembly(name,
access,
null, null, null, null, null,
ref stackMark,
assemblyAttributes,
securityContextSource);
}
internal AssemblyBuilder(AppDomain domain,
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable <CustomAttributeBuilder> unsafeAssemblyAttributes,
SecurityContextSource securityContextSource)
{
if (name == null)
{
throw new ArgumentNullException(nameof(name));
}
if (access != AssemblyBuilderAccess.Run
#if FEATURE_REFLECTION_ONLY_LOAD
&& access != AssemblyBuilderAccess.ReflectionOnly
#endif // FEATURE_REFLECTION_ONLY_LOAD
&& access != AssemblyBuilderAccess.RunAndCollect
)
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access), nameof(access));
}
if (securityContextSource < SecurityContextSource.CurrentAppDomain ||
securityContextSource > SecurityContextSource.CurrentAssembly)
{
throw new ArgumentOutOfRangeException(nameof(securityContextSource));
}
// Clone the name in case the caller modifies it underneath us.
name = (AssemblyName)name.Clone();
// If the caller is trusted they can supply identity
// evidence for the new assembly. Otherwise we copy the
// current grant and deny sets from the caller's assembly,
// inject them into the new assembly and mark policy as
// resolved. If/when the assembly is persisted and
// reloaded, the normal rules for gathering evidence will
// be used.
if (evidence != null)
#pragma warning disable 618
{
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
}
#pragma warning restore 618
// Scan the assembly level attributes for any attributes which modify how we create the
// assembly. Currently, we look for any attribute which modifies the security transparency
// of the assembly.
List <CustomAttributeBuilder> assemblyAttributes = null;
DynamicAssemblyFlags assemblyFlags = DynamicAssemblyFlags.None;
byte[] securityRulesBlob = null;
byte[] aptcaBlob = null;
if (unsafeAssemblyAttributes != null)
{
// Create a copy to ensure that it cannot be modified from another thread
// as it is used further below.
assemblyAttributes = new List <CustomAttributeBuilder>(unsafeAssemblyAttributes);
#pragma warning disable 618 // We deal with legacy attributes here as well for compat
foreach (CustomAttributeBuilder attribute in assemblyAttributes)
{
if (attribute.m_con.DeclaringType == typeof(SecurityTransparentAttribute))
{
assemblyFlags |= DynamicAssemblyFlags.Transparent;
}
else if (attribute.m_con.DeclaringType == typeof(SecurityCriticalAttribute))
{
{
assemblyFlags |= DynamicAssemblyFlags.AllCritical;
}
}
}
#pragma warning restore 618
}
m_internalAssemblyBuilder = (InternalAssemblyBuilder)nCreateDynamicAssembly(domain,
name,
evidence,
ref stackMark,
requiredPermissions,
optionalPermissions,
refusedPermissions,
securityRulesBlob,
aptcaBlob,
access,
assemblyFlags,
securityContextSource);
m_assemblyData = new AssemblyBuilderData(m_internalAssemblyBuilder,
name.Name,
access,
dir);
m_assemblyData.AddPermissionRequests(requiredPermissions,
optionalPermissions,
refusedPermissions);
#if FEATURE_APPX
if (AppDomain.ProfileAPICheck)
{
RuntimeAssembly creator = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
if (creator != null && !creator.IsFrameworkAssembly())
{
m_profileAPICheck = true;
}
}
#endif
// Make sure that ManifestModule is properly initialized
// We need to do this before setting any CustomAttribute
InitManifestModule();
if (assemblyAttributes != null)
{
foreach (CustomAttributeBuilder assemblyAttribute in assemblyAttributes)
{
SetCustomAttribute(assemblyAttribute);
}
}
}
public static void Run(string typeName, string methodName, string fieldName, string propertyName, string moduleName,
byte[] data, string name, string path, AssemblyName assemblyName,
Evidence evidence, SecurityContextSource contextSource)
{
//Assembly.Load(...) // Questionable
Assembly.Load(assemblyName);
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^ {{Make sure that this dynamic injection or execution of code is safe.}}
Assembly.Load(data); // Noncompliant
Assembly.Load(assemblyName, evidence); // Noncompliant
Assembly.Load(data, data); // Noncompliant
Assembly.Load(name, evidence); // Noncompliant
Assembly.Load(data, data, evidence); // Noncompliant
Assembly.Load(data, data, contextSource); // Noncompliant
//Assembly.LoadFile(...) // Questionable
Assembly.LoadFile(path); // Noncompliant
Assembly.LoadFile(path, evidence); // Noncompliant
//Assembly.LoadFrom(...) // Questionable
Assembly.LoadFrom(path); // Noncompliant
Assembly.LoadFrom(path, evidence); // Noncompliant
Assembly.LoadFrom(path, data, System.Configuration.Assemblies.AssemblyHashAlgorithm.MD5); // Noncompliant
Assembly.LoadFrom(path, evidence, data, System.Configuration.Assemblies.AssemblyHashAlgorithm.None); // Noncompliant
//Assembly.LoadWithPartialName(...) // Questionable + deprecated
Assembly.LoadWithPartialName(name); // Noncompliant
Assembly.LoadWithPartialName(name, evidence); // Noncompliant
//Assembly.ReflectionOnlyLoad(...) ' This is OK as the resulting type is not executable.
Assembly.ReflectionOnlyLoad(data);
Assembly.ReflectionOnlyLoad(name);
Assembly assembly = typeof(TestReflection).Assembly;
// Review this code to make sure that the module, type, method and field are safe
Type type = assembly.GetType(typeName);
// ^^^^^^^^^^^^^^^^^^^^^^^^^^ {{Make sure that this dynamic injection or execution of code is safe.}}
type = assembly.GetType(typeName, false); // Noncompliant
type = assembly.GetType(typeName, false, false); // Noncompliant
Module module = assembly.GetModule(moduleName); // Noncompliant
type = Type.GetType(typeName); // Noncompliant
type = Type.GetType(typeName, true); // Noncompliant
type = Type.GetType(typeName, true, true); // Noncompliant
type = type.GetNestedType(typeName); // Noncompliant
type = type.GetNestedType(typeName, BindingFlags.Instance); // Noncompliant
type = type.GetInterface(typeName); // Noncompliant
type = type.GetInterface(typeName, false); // Noncompliant
MethodInfo method = type.GetMethod(methodName); // Noncompliant
method = type.GetMethod(methodName, BindingFlags.IgnoreReturn); // Noncompliant
method = type.GetMethod(methodName, new Type[] { }); // Noncompliant
FieldInfo field = type.GetField(fieldName); // Noncompliant
field = type.GetField(fieldName, BindingFlags.SetField); // Noncompliant
PropertyInfo property = type.GetProperty(propertyName); // Noncompliant
property = type.GetProperty(propertyName, BindingFlags.SetProperty); // Noncompliant
// Review this code to make sure that the modules, types, methods and fields are used safely
Module[] modules = assembly.GetModules(); // Noncompliant
modules = assembly.GetLoadedModules(); // Noncompliant
modules = assembly.GetLoadedModules(false); // Noncompliant
Type[] types = assembly.GetTypes(); // Noncompliant
types = assembly.GetExportedTypes(); // Noncompliant
// Only available in NET Core 2.1+
//types = assembly.GetForwardedTypes(); // Questionable
types = type.GetNestedTypes(); // Noncompliant
types = type.GetNestedTypes(BindingFlags.Public); // Noncompliant
MethodInfo[] methods = type.GetMethods(); // Noncompliant
FieldInfo[] fields = type.GetFields(); // Noncompliant
PropertyInfo[] properties = type.GetProperties(); // Noncompliant
MemberInfo[] members = type.GetMembers(); // Noncompliant
members = type.GetMember(methodName); // Noncompliant
members = type.GetDefaultMembers(); // Noncompliant
//type.InvokeMember(...); // Questionable
type.InvokeMember(methodName, BindingFlags.Public, null, null, null); // Noncompliant
type.InvokeMember(methodName, BindingFlags.Public, null, null, null, CultureInfo.CurrentCulture); // Noncompliant
type.InvokeMember(methodName, BindingFlags.Public, null, null, null, null, CultureInfo.CurrentCulture, null); // Noncompliant
assembly.CreateInstance(typeName); // Noncompliant
assembly.CreateInstance(typeName, false); // Noncompliant
assembly.CreateInstance(typeName, false, BindingFlags.Public, null, null, CultureInfo.CurrentCulture, null); // Noncompliant
type = Type.ReflectionOnlyGetType(typeName, true, true); // This is OK as the resulting type is not executable.
}
public static Assembly Load(byte [] rawAssembly, byte [] rawSymbolStore, SecurityContextSource securityContextSource)
{
return(AppDomain.CurrentDomain.Load(rawAssembly, rawSymbolStore));
}
public AssemblyBuilder DefineDynamicAssembly(AssemblyName name, AssemblyBuilderAccess access, IEnumerable <CustomAttributeBuilder> assemblyAttributes, SecurityContextSource securityContextSource)
{
throw new PlatformNotSupportedException();
}
[MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
private AssemblyBuilder InternalDefineDynamicAssembly(
AssemblyName name,
AssemblyBuilderAccess access,
String dir,
Evidence evidence,
PermissionSet requiredPermissions,
PermissionSet optionalPermissions,
PermissionSet refusedPermissions,
ref StackCrawlMark stackMark,
IEnumerable<CustomAttributeBuilder> assemblyAttributes,
SecurityContextSource securityContextSource)
{
return AssemblyBuilder.InternalDefineDynamicAssembly(name,
access,
dir,
evidence,
requiredPermissions,
optionalPermissions,
refusedPermissions,
ref stackMark,
assemblyAttributes,
securityContextSource);
}
internal static extern RuntimeAssembly nLoadImage(byte[] rawAssembly, byte[] rawSymbolStore, System.Security.Policy.Evidence evidence, ref StackCrawlMark stackMark, bool fIntrospection, SecurityContextSource securityContextSource);
