-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added DelegateValidator and unit tests for it.
- Loading branch information
Showing
11 changed files
with
398 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
bin | ||
obj | ||
packages | ||
.vs | ||
*.suo | ||
*.user |
58 changes: 58 additions & 0 deletions
58
SafeDeserializationHelpers.Tests/DelegateValidatorTests.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
namespace SafeDeserializationHelpers.Tests | ||
{ | ||
using System; | ||
using System.Collections.Generic; | ||
using System.Diagnostics; | ||
using System.IO; | ||
using System.Linq; | ||
using System.Text; | ||
using Microsoft.VisualStudio.TestTools.UnitTesting; | ||
|
||
[TestClass] | ||
public class DelegateValidatorTests | ||
{ | ||
[TestMethod] | ||
public void NullDelegateIsValid() | ||
{ | ||
// Assert.DoesNotThrow | ||
new DelegateValidator().ValidateDelegate(null); | ||
} | ||
|
||
[TestMethod] | ||
public void DelegateIsValidUnlessBlacklisted() | ||
{ | ||
new DelegateValidator().ValidateDelegate(new Action<int>(x => { })); | ||
} | ||
|
||
[TestMethod, ExpectedException(typeof(UnsafeDeserializationException))] | ||
public void SystemDiagnosticsDelegatesAreNotValid() | ||
{ | ||
var del = new Func<string, string, Process>(Process.Start); | ||
new DelegateValidator().ValidateDelegate(del); | ||
} | ||
|
||
[TestMethod, ExpectedException(typeof(UnsafeDeserializationException))] | ||
public void SystemIODelegatesAreNotValid() | ||
{ | ||
var del = new Action<string>(File.Delete); | ||
new DelegateValidator().ValidateDelegate(del); | ||
} | ||
|
||
[TestMethod] | ||
public void MulticastDelegatesAreValidated() | ||
{ | ||
var del = new Func<string, string, Process>((a, b) => null); | ||
del = Delegate.Combine(del, del, del) as Func<string, string, Process>; | ||
new DelegateValidator().ValidateDelegate(del); | ||
} | ||
|
||
[TestMethod, ExpectedException(typeof(UnsafeDeserializationException))] | ||
public void MulticastDelegatesWithSystemDiagnosticsMethodsAreNotValid() | ||
{ | ||
var del = new Func<string, string, Process>((a, b) => null); | ||
var start = new Func<string, string, Process>(Process.Start); | ||
del = Delegate.Combine(del, del, start, del, del) as Func<string, string, Process>; | ||
new DelegateValidator().ValidateDelegate(del); | ||
} | ||
} | ||
} |
36 changes: 36 additions & 0 deletions
36
SafeDeserializationHelpers.Tests/Properties/AssemblyInfo.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
using System.Reflection; | ||
using System.Runtime.CompilerServices; | ||
using System.Runtime.InteropServices; | ||
|
||
// General Information about an assembly is controlled through the following | ||
// set of attributes. Change these attribute values to modify the information | ||
// associated with an assembly. | ||
[assembly: AssemblyTitle("SafeDeserializationHelpers.Tests")] | ||
[assembly: AssemblyDescription("")] | ||
[assembly: AssemblyConfiguration("")] | ||
[assembly: AssemblyCompany("")] | ||
[assembly: AssemblyProduct("SafeDeserializationHelpers.Tests")] | ||
[assembly: AssemblyCopyright("Copyright © 2018")] | ||
[assembly: AssemblyTrademark("")] | ||
[assembly: AssemblyCulture("")] | ||
|
||
// Setting ComVisible to false makes the types in this assembly not visible | ||
// to COM components. If you need to access a type in this assembly from | ||
// COM, set the ComVisible attribute to true on that type. | ||
[assembly: ComVisible(false)] | ||
|
||
// The following GUID is for the ID of the typelib if this project is exposed to COM | ||
[assembly: Guid("c808ddee-be52-4384-8376-d4966fff9438")] | ||
|
||
// Version information for an assembly consists of the following four values: | ||
// | ||
// Major Version | ||
// Minor Version | ||
// Build Number | ||
// Revision | ||
// | ||
// You can specify all the values or you can default the Build and Revision Numbers | ||
// by using the '*' as shown below: | ||
// [assembly: AssemblyVersion("1.0.*")] | ||
[assembly: AssemblyVersion("1.0.0.0")] | ||
[assembly: AssemblyFileVersion("1.0.0.0")] |
58 changes: 58 additions & 0 deletions
58
SafeDeserializationHelpers.Tests/SafeDeserializationHelpers.Tests.csproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | ||
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> | ||
<PropertyGroup> | ||
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> | ||
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> | ||
<ProjectGuid>{C808DDEE-BE52-4384-8376-D4966FFF9438}</ProjectGuid> | ||
<OutputType>Library</OutputType> | ||
<AppDesignerFolder>Properties</AppDesignerFolder> | ||
<RootNamespace>SafeDeserializationHelpers.Tests</RootNamespace> | ||
<AssemblyName>SafeDeserializationHelpers.Tests</AssemblyName> | ||
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion> | ||
<FileAlignment>512</FileAlignment> | ||
<TargetFrameworkProfile /> | ||
</PropertyGroup> | ||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> | ||
<DebugSymbols>true</DebugSymbols> | ||
<DebugType>full</DebugType> | ||
<Optimize>false</Optimize> | ||
<OutputPath>bin\Debug\</OutputPath> | ||
<DefineConstants>DEBUG;TRACE</DefineConstants> | ||
<ErrorReport>prompt</ErrorReport> | ||
<WarningLevel>4</WarningLevel> | ||
<Prefer32Bit>false</Prefer32Bit> | ||
</PropertyGroup> | ||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> | ||
<DebugType>pdbonly</DebugType> | ||
<Optimize>true</Optimize> | ||
<OutputPath>bin\Release\</OutputPath> | ||
<DefineConstants>TRACE</DefineConstants> | ||
<ErrorReport>prompt</ErrorReport> | ||
<WarningLevel>4</WarningLevel> | ||
<Prefer32Bit>false</Prefer32Bit> | ||
</PropertyGroup> | ||
<ItemGroup> | ||
<Reference Include="Microsoft.VisualStudio.QualityTools.UnitTestFramework, Version=10.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL" /> | ||
<Reference Include="System" /> | ||
<Reference Include="System.Core" /> | ||
<Reference Include="System.Xml.Linq" /> | ||
<Reference Include="System.Data.DataSetExtensions" /> | ||
<Reference Include="System.Data" /> | ||
<Reference Include="System.Xml" /> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<Compile Include="DelegateValidatorTests.cs" /> | ||
<Compile Include="Properties\AssemblyInfo.cs" /> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<ProjectReference Include="..\SafeDeserializationHelpers\SafeDeserializationHelpers.csproj"> | ||
<Project>{06ede6b8-ff31-45e3-9efb-7c92292d2404}</Project> | ||
<Name>SafeDeserializationHelpers</Name> | ||
</ProjectReference> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" /> | ||
</ItemGroup> | ||
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> | ||
</Project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
|
||
Microsoft Visual Studio Solution File, Format Version 12.00 | ||
# Visual Studio 15 | ||
VisualStudioVersion = 15.0.27428.2027 | ||
MinimumVisualStudioVersion = 10.0.40219.1 | ||
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SafeDeserializationHelpers", "SafeDeserializationHelpers\SafeDeserializationHelpers.csproj", "{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}" | ||
EndProject | ||
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SafeDeserializationHelpers.Tests", "SafeDeserializationHelpers.Tests\SafeDeserializationHelpers.Tests.csproj", "{C808DDEE-BE52-4384-8376-D4966FFF9438}" | ||
EndProject | ||
Global | ||
GlobalSection(SolutionConfigurationPlatforms) = preSolution | ||
Debug|Any CPU = Debug|Any CPU | ||
Release|Any CPU = Release|Any CPU | ||
EndGlobalSection | ||
GlobalSection(ProjectConfigurationPlatforms) = postSolution | ||
{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}.Debug|Any CPU.ActiveCfg = Debug|Any CPU | ||
{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}.Debug|Any CPU.Build.0 = Debug|Any CPU | ||
{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}.Release|Any CPU.ActiveCfg = Release|Any CPU | ||
{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}.Release|Any CPU.Build.0 = Release|Any CPU | ||
{C808DDEE-BE52-4384-8376-D4966FFF9438}.Debug|Any CPU.ActiveCfg = Debug|Any CPU | ||
{C808DDEE-BE52-4384-8376-D4966FFF9438}.Debug|Any CPU.Build.0 = Debug|Any CPU | ||
{C808DDEE-BE52-4384-8376-D4966FFF9438}.Release|Any CPU.ActiveCfg = Release|Any CPU | ||
{C808DDEE-BE52-4384-8376-D4966FFF9438}.Release|Any CPU.Build.0 = Release|Any CPU | ||
EndGlobalSection | ||
GlobalSection(SolutionProperties) = preSolution | ||
HideSolutionNode = FALSE | ||
EndGlobalSection | ||
GlobalSection(ExtensibilityGlobals) = postSolution | ||
SolutionGuid = {6815B225-79EF-41D2-B260-4279E8EA5E82} | ||
EndGlobalSection | ||
EndGlobal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
namespace SafeDeserializationHelpers | ||
{ | ||
using System; | ||
using System.Collections.Generic; | ||
using System.Linq; | ||
using System.Text; | ||
|
||
/// <summary> | ||
/// Blacklist-based delegate validator. | ||
/// </summary> | ||
public class DelegateValidator | ||
{ | ||
/// <summary> | ||
/// The default blacklist of the namespaces. | ||
/// </summary> | ||
private static readonly string[] DefaultBlacklistedNamespaces = new[] | ||
{ | ||
"System.IO", | ||
"System.Diagnostics", | ||
}; | ||
|
||
/// <summary> | ||
/// Initializes a new instance of the <see cref="DelegateValidator"/> class. | ||
/// </summary> | ||
/// <param name="blacklistedNamespaces">Namespace blacklist.</param> | ||
public DelegateValidator(params string[] blacklistedNamespaces) | ||
{ | ||
if (blacklistedNamespaces == null || blacklistedNamespaces.Length == 0) | ||
{ | ||
blacklistedNamespaces = DefaultBlacklistedNamespaces; | ||
} | ||
|
||
BlacklistedNamespaces = new HashSet<string>(blacklistedNamespaces, StringComparer.OrdinalIgnoreCase); | ||
} | ||
|
||
private HashSet<string> BlacklistedNamespaces { get; } | ||
|
||
/// <summary> | ||
/// Validates the given delegates. | ||
/// Throws exceptions for methods defined in the blacklisted namespaces. | ||
/// </summary> | ||
/// <param name="del">The delegate to validate.</param> | ||
public void ValidateDelegate(Delegate del) | ||
{ | ||
if (del == null) | ||
{ | ||
return; | ||
} | ||
|
||
foreach (var d in del.GetInvocationList()) | ||
{ | ||
if (d == null) | ||
{ | ||
continue; | ||
} | ||
|
||
var type = d.Method.DeclaringType; | ||
if (BlacklistedNamespaces.Contains(type.Namespace)) | ||
{ | ||
var msg = $"Deserializing delegates for {type.FullName} may be unsafe."; | ||
throw new UnsafeDeserializationException(msg); | ||
} | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
// This file is used by Code Analysis to maintain SuppressMessage | ||
// attributes that are applied to this project. | ||
// Project-level suppressions either have no target or are given | ||
// a specific target and scoped to a namespace, type, member, etc. | ||
|
||
[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("StyleCop.CSharp.ReadabilityRules", "SA1101:Prefix local calls with this", Justification = "This is a visual garbage", Scope = "member", Target = "~M:SafeDeserializationHelpers.DelegateValidator.#ctor(System.String[])")] | ||
[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1633:File should have header", Justification = "Not necessary for this project")] | ||
[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("StyleCop.CSharp.ReadabilityRules", "SA1101:Prefix local calls with this", Justification = "<Pending>", Scope = "member", Target = "~M:SafeDeserializationHelpers.DelegateValidator.ValidateDelegate(System.Delegate)")] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
using System.Reflection; | ||
using System.Runtime.CompilerServices; | ||
using System.Runtime.InteropServices; | ||
|
||
// General Information about an assembly is controlled through the following | ||
// set of attributes. Change these attribute values to modify the information | ||
// associated with an assembly. | ||
[assembly: AssemblyTitle("SafeDeserializationHelpers")] | ||
[assembly: AssemblyDescription("")] | ||
[assembly: AssemblyConfiguration("")] | ||
[assembly: AssemblyCompany("")] | ||
[assembly: AssemblyProduct("SafeDeserializationHelpers")] | ||
[assembly: AssemblyCopyright("Copyright © 2018")] | ||
[assembly: AssemblyTrademark("")] | ||
[assembly: AssemblyCulture("")] | ||
|
||
// Setting ComVisible to false makes the types in this assembly not visible | ||
// to COM components. If you need to access a type in this assembly from | ||
// COM, set the ComVisible attribute to true on that type. | ||
[assembly: ComVisible(false)] | ||
|
||
// The following GUID is for the ID of the typelib if this project is exposed to COM | ||
[assembly: Guid("06ede6b8-ff31-45e3-9efb-7c92292d2404")] | ||
|
||
// Version information for an assembly consists of the following four values: | ||
// | ||
// Major Version | ||
// Minor Version | ||
// Build Number | ||
// Revision | ||
// | ||
// You can specify all the values or you can default the Build and Revision Numbers | ||
// by using the '*' as shown below: | ||
// [assembly: AssemblyVersion("1.0.*")] | ||
[assembly: AssemblyVersion("1.0.0.0")] | ||
[assembly: AssemblyFileVersion("1.0.0.0")] |
55 changes: 55 additions & 0 deletions
55
SafeDeserializationHelpers/SafeDeserializationHelpers.csproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | ||
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> | ||
<PropertyGroup> | ||
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> | ||
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> | ||
<ProjectGuid>{06EDE6B8-FF31-45E3-9EFB-7C92292D2404}</ProjectGuid> | ||
<OutputType>Library</OutputType> | ||
<AppDesignerFolder>Properties</AppDesignerFolder> | ||
<RootNamespace>SafeDeserializationHelpers</RootNamespace> | ||
<AssemblyName>SafeDeserializationHelpers</AssemblyName> | ||
<TargetFrameworkVersion>v3.5</TargetFrameworkVersion> | ||
<FileAlignment>512</FileAlignment> | ||
</PropertyGroup> | ||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> | ||
<DebugSymbols>true</DebugSymbols> | ||
<DebugType>full</DebugType> | ||
<Optimize>false</Optimize> | ||
<OutputPath>bin\Debug\</OutputPath> | ||
<DefineConstants>DEBUG;TRACE</DefineConstants> | ||
<ErrorReport>prompt</ErrorReport> | ||
<WarningLevel>4</WarningLevel> | ||
<RunCodeAnalysis>true</RunCodeAnalysis> | ||
</PropertyGroup> | ||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> | ||
<DebugType>pdbonly</DebugType> | ||
<Optimize>true</Optimize> | ||
<OutputPath>bin\Release\</OutputPath> | ||
<DefineConstants>TRACE</DefineConstants> | ||
<ErrorReport>prompt</ErrorReport> | ||
<WarningLevel>4</WarningLevel> | ||
</PropertyGroup> | ||
<ItemGroup> | ||
<Reference Include="System" /> | ||
<Reference Include="System.Core" /> | ||
<Reference Include="System.Xml.Linq" /> | ||
<Reference Include="System.Data.DataSetExtensions" /> | ||
<Reference Include="System.Data" /> | ||
<Reference Include="System.Xml" /> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<Compile Include="DelegateValidator.cs" /> | ||
<Compile Include="GlobalSuppressions.cs" /> | ||
<Compile Include="UnsafeDeserializationException.cs" /> | ||
<Compile Include="Properties\AssemblyInfo.cs" /> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<None Include="packages.config" /> | ||
</ItemGroup> | ||
<ItemGroup> | ||
<Analyzer Include="..\packages\StyleCop.Analyzers.1.1.0-beta006\analyzers\dotnet\cs\StyleCop.Analyzers.CodeFixes.dll" /> | ||
<Analyzer Include="..\packages\StyleCop.Analyzers.1.1.0-beta006\analyzers\dotnet\cs\StyleCop.Analyzers.dll" /> | ||
</ItemGroup> | ||
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> | ||
</Project> |
Oops, something went wrong.