ECall methods must be packaged into a system module

Revision as of 22:05, 9 July 2014 by Bill Sempf (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
This page has been recommended for deletion.
You can help OWASP by improving it or discussing it on its Talk page.
Please add a comment to '{{taggedDocument ... | comment=<comment> ... }}'. See

This code

       public extern static IntPtr GetFunctionPointer_();
       public static void Main()

will compile OK but throw this error:

   Unhandled Exception: System.Security.SecurityException: ECall methods must be packaged into a system module.

Note: changing the MSIL to GetFunctionPointer(); so that we are calling the correct internal function name GetFunctionPointer() (versus GetFunctionPointer_()), throws the same error ( GetFunctionPointer() will not compile). Executing from Partial trust throws the same error since Peverify finds no issues with it.

This makes sense since if this was possible, there would be dozens of ways to bypass the CLR Security Measures