Difference between revisions of ".Net Type Safety"

From OWASP
Jump to: navigation, search
(3 intermediate revisions by one user not shown)
Line 2: Line 2:
 
* [[Possible Type Confusion issue in .Net 1.1 (only works in Full Trust)]]
 
* [[Possible Type Confusion issue in .Net 1.1 (only works in Full Trust)]]
 
* [[Full Trust CLR Verification issue: changing the Method Parameters order]]
 
* [[Full Trust CLR Verification issue: changing the Method Parameters order]]
 +
* [[Full Trust CLR Verification issue: changing the return address order]]
 
* [[Full Trust CLR Verification issue: Changing Private Field using Proxy Struct]]
 
* [[Full Trust CLR Verification issue: Changing Private Field using Proxy Struct]]
 
* [[Full Trust CLR Verification issue: Exploiting Passing Reference Types by Reference]]
 
* [[Full Trust CLR Verification issue: Exploiting Passing Reference Types by Reference]]
 
* [[Manipulating private method behaviour by overriding public virtual methods in public classes]]
 
* [[Manipulating private method behaviour by overriding public virtual methods in public classes]]
 
* [[CSharp readonly modifier is not inforced by the CLR (when in Full Trust)]]
 
* [[CSharp readonly modifier is not inforced by the CLR (when in Full Trust)]]
 +
* [[ANSI/UNICODE bug in System.Net.HttpListenerRequest]]
  
 
'''Further Research:'''
 
'''Further Research:'''
Line 11: Line 13:
 
* [[ECall methods must be packaged into a system module]]
 
* [[ECall methods must be packaged into a system module]]
 
* [[JIT prevents short overflow (and PeVerify doesn't catch it)]]
 
* [[JIT prevents short overflow (and PeVerify doesn't catch it)]]
 +
  
 
Other
 
Other
 
* [[Microsoft's Comments on the Full Trust Type Safety issues]]
 
* [[Microsoft's Comments on the Full Trust Type Safety issues]]
 +
 
[[Category:OWASP .NET Project]]
 
[[Category:OWASP .NET Project]]

Revision as of 22:44, 28 July 2006

Issues:

Further Research:


Other