Dinis Cruz Research - Draft Notes

From OWASP
Revision as of 06:31, 22 December 2006 by Dinis.cruz (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

.Net framework using reflection to invoke a private member

  • Example from the .Net framework of using reflection to invoke a private member from another class

in : System.Data, Version=2.0.0.0


in System.Data.SqlClient.SqlCachedBuffer.ToXmlReader() : XmlReader


internal XmlReader ToXmlReader() {

     XmlReader reader1;
     SqlCachedStream stream1 = new SqlCachedStream(this);
     XmlReaderSettings settings1 = new XmlReaderSettings();
     settings1.ConformanceLevel = ConformanceLevel.Fragment;
     MethodInfo info1 = typeof(XmlReader).GetMethod("CreateSqlReader", BindingFlags.NonPublic | BindingFlags.Static);
     object[] objArray1 = new object[3];
     objArray1[0] = stream1;
     objArray1[1] = settings1;
     object[] objArray2 = objArray1;
     new ReflectionPermission(ReflectionPermissionFlag.MemberAccess).Assert();
     try
     {
           reader1 = (XmlReader) info1.Invoke(null, objArray2);
     }
     finally
     {
           CodeAccessPermission.RevertAssert();
     }
     return reader1;

}

to see other similar example of this use the Analyzer on System.Security.Permissions.ReflectionPermissionFlag

System.Security.Permissions.ReflectionPermissionFlag

Depends On Used By System.AppDomainInitializerInfo.Unwrap() : AppDomainInitializer System.Data.SqlClient.SqlCachedBuffer.ToXmlReader() : XmlReader System.Data.SqlClient.SqlStream.ToXmlReader() : XmlReader System.Data.SqlTypes.SqlXml.CreateReader() : XmlReader System.DelegateSerializationHolder.GetDelegate(DelegateEntry, Int32) : Delegate System.DelegateSerializationHolder.GetDelegateSerializationInfo(SerializationInfo, Type, Object, MethodInfo, Int32) : DelegateEntry System.Reflection.Emit.DynamicMethod.PerformSecurityCheck(Module, StackCrawlMark&, Boolean) : Void System.Reflection.Emit.DynamicMethod.PerformSecurityCheck(Type, StackCrawlMark&, Boolean) : Void System.Reflection.Emit.DynamicMethod+RTDynamicMethod.Invoke(Object, BindingFlags, Binder, Object[], CultureInfo) : Object System.RuntimeType+ActivatorCache.InitializeDelegateCreator() : Void System.Security.Permissions.ReflectionPermission..ctor(ReflectionPermissionFlag) System.Security.Permissions.ReflectionPermission.Copy() : IPermission System.Security.Permissions.ReflectionPermission.Flags : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermission.FromXml(SecurityElement) : Void System.Security.Permissions.ReflectionPermission.get_Flags() : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermission.Intersect(IPermission) : IPermission System.Security.Permissions.ReflectionPermission.IsSubsetOf(IPermission) : Boolean System.Security.Permissions.ReflectionPermission.IsUnrestricted() : Boolean System.Security.Permissions.ReflectionPermission.m_flags : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermission.Reset() : Void System.Security.Permissions.ReflectionPermission.set_Flags(ReflectionPermissionFlag) : Void System.Security.Permissions.ReflectionPermission.SetUnrestricted(Boolean) : Void System.Security.Permissions.ReflectionPermission.ToXml() : SecurityElement System.Security.Permissions.ReflectionPermission.Union(IPermission) : IPermission System.Security.Permissions.ReflectionPermission.VerifyAccess(ReflectionPermissionFlag) : Void System.Security.Permissions.ReflectionPermissionAttribute.CreatePermission() : IPermission System.Security.Permissions.ReflectionPermissionAttribute.Flags : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermissionAttribute.get_Flags() : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermissionAttribute.get_MemberAccess() : Boolean System.Security.Permissions.ReflectionPermissionAttribute.get_ReflectionEmit() : Boolean System.Security.Permissions.ReflectionPermissionAttribute.get_TypeInformation() : Boolean System.Security.Permissions.ReflectionPermissionAttribute.m_flag : ReflectionPermissionFlag System.Security.Permissions.ReflectionPermissionAttribute.set_Flags(ReflectionPermissionFlag) : Void System.Security.Permissions.ReflectionPermissionAttribute.set_MemberAccess(Boolean) : Void System.Security.Permissions.ReflectionPermissionAttribute.set_ReflectionEmit(Boolean) : Void System.Security.Permissions.ReflectionPermissionAttribute.set_TypeInformation(Boolean) : Void System.Security.Permissions.ReflectionPermissionFlag.AllFlags System.Security.Permissions.ReflectionPermissionFlag.MemberAccess System.Security.Permissions.ReflectionPermissionFlag.NoFlags System.Security.Permissions.ReflectionPermissionFlag.ReflectionEmit System.Security.Permissions.ReflectionPermissionFlag.TypeInformation System.Security.Policy.ApplicationSecurityManager.DecodeAppTrustManagerFromElement(SecurityElement) : IApplicationTrustManager System.Security.SecurityManager.GetSpecialFlags(PermissionSet, PermissionSet) : Int32 System.Security.SecurityManager.MapToSpecialFlags(SecurityPermissionFlag, ReflectionPermissionFlag) : Int32 System.Security.Util.XMLUtil.CreateCodeGroup(SecurityElement) : CodeGroup System.Security.Util.XMLUtil.CreateMembershipCondition(SecurityElement) : IMembershipCondition System.Security.Util.XMLUtil.CreatePermission(SecurityElement, PermissionState, Boolean) : IPermission System.Web.InternalSecurityPermissions.get_Reflection() : IStackWalk