CAS Security cleanup (#9355)

author: Jan Kotas <jkotas@microsoft.com> 2017-02-06 06:53:42 -0800
committer: GitHub <noreply@github.com> 2017-02-06 06:53:42 -0800
commit: 5c47caa806e6907df81e7a96864984df4d0f38cd (patch)
tree: e3437edcb63f42f98c93eb425b4e7a750eda73df /src/vm/appdomainnative.cpp
parent: 0b064eef415468f50e7360256e42737d247eb677 (diff)
download: coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.gz
coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.bz2
coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.zip
1 files changed, 0 insertions, 193 deletions
diff --git a/src/vm/appdomainnative.cpp b/src/vm/appdomainnative.cpp
index a96c643537..85c828f9ca 100644
--- a/src/vm/appdomainnative.cpp
+++ b/src/vm/appdomainnative.cpp
@@ -518,199 +518,6 @@ FCIMPL3(void, AppDomainNative::UpdateContextProperty, LPVOID fusionContext, Stri
 FCIMPLEND
 #endif  // FEATURE_FUSION
 
-/* static */
-INT32 AppDomainNative::ExecuteAssemblyHelper(Assembly* pAssembly,
-                                             BOOL bCreatedConsole,
-                                             PTRARRAYREF *pStringArgs)
-{
-    STATIC_CONTRACT_THROWS;
-
-    struct Param
-    {
-        Assembly* pAssembly;
-        PTRARRAYREF *pStringArgs;
-        INT32 iRetVal;
-    } param;
-    param.pAssembly = pAssembly;
-    param.pStringArgs = pStringArgs;
-    param.iRetVal = 0;
-
-    EE_TRY_FOR_FINALLY(Param *, pParam, &param)
-    {
-        pParam->iRetVal = pParam->pAssembly->ExecuteMainMethod(pParam->pStringArgs, FALSE /* waitForOtherThreads */);
-    }
-    EE_FINALLY 
-    {
-#ifndef FEATURE_PAL
-        if(bCreatedConsole)
-            FreeConsole();
-#endif // !FEATURE_PAL
-    } 
-    EE_END_FINALLY
-
-    return param.iRetVal;
-}
-
-static void UpgradeLinkTimeCheckToLateBoundDemand(MethodDesc* pMeth)
-{
-    CONTRACTL
-    {
-        THROWS;
-        GC_TRIGGERS;
-        MODE_COOPERATIVE;
-    }
-    CONTRACTL_END;
-
-    BOOL isEveryoneFullyTrusted = FALSE;
-
-    struct _gc 
-    {
-        OBJECTREF refClassNonCasDemands;
-        OBJECTREF refClassCasDemands;
-        OBJECTREF refMethodNonCasDemands;
-        OBJECTREF refMethodCasDemands;
-        OBJECTREF refThrowable;
-    } gc;
-    ZeroMemory(&gc, sizeof(gc));
-
-    GCPROTECT_BEGIN(gc);
-
-    isEveryoneFullyTrusted = Security::AllDomainsOnStackFullyTrusted();
-
-    // If all assemblies in the domain are fully trusted then we are not
-    // going to do any security checks anyway..
-    if (isEveryoneFullyTrusted) 
-    {
-        goto Exit1;
-    }
-
-
-    if (pMeth->RequiresLinktimeCheck()) 
-    {
-        // Fetch link demand sets from all the places in metadata where we might
-        // find them (class and method). These might be split into CAS and non-CAS
-        // sets as well.
-        Security::RetrieveLinktimeDemands(pMeth,
-                                          &gc.refClassCasDemands,
-                                          &gc.refClassNonCasDemands,
-                                          &gc.refMethodCasDemands,
-                                          &gc.refMethodNonCasDemands);
-
-        if (gc.refClassCasDemands == NULL && gc.refClassNonCasDemands == NULL &&
-            gc.refMethodCasDemands == NULL && gc.refMethodNonCasDemands == NULL &&
-            isEveryoneFullyTrusted) 
-        {
-            // All code access security demands will pass anyway.
-            goto Exit1;
-        }
-   
-        // The following logic turns link demands on the target method into full
-        // stack walks in order to close security holes in poorly written
-        // reflection users.
-
-#ifdef FEATURE_APTCA
-        if (Security::IsUntrustedCallerCheckNeeded(pMeth) )
-        {
-            // Check for untrusted caller
-            // It is possible that wrappers like VBHelper libraries that are
-            // fully trusted, make calls to public methods that do not have
-            // safe for Untrusted caller custom attribute set.
-            // Like all other link demand that gets transformed to a full stack 
-            // walk for reflection, calls to public methods also gets 
-            // converted to full stack walk
-
-            // NOTE: this will always do the APTCA check, regardless of method caller
-            Security::DoUntrustedCallerChecks(NULL, pMeth, TRUE);
-        }
-#endif
-
-        // CAS Link Demands
-        if (gc.refClassCasDemands != NULL)
-            Security::DemandSet(SSWT_LATEBOUND_LINKDEMAND, gc.refClassCasDemands);
-
-        if (gc.refMethodCasDemands != NULL)
-            Security::DemandSet(SSWT_LATEBOUND_LINKDEMAND, gc.refMethodCasDemands);
-
-        // Non-CAS demands are not applied against a grant
-        // set, they're standalone.
-        if (gc.refClassNonCasDemands != NULL)
-            Security::CheckNonCasDemand(&gc.refClassNonCasDemands);
-
-        if (gc.refMethodNonCasDemands != NULL)
-            Security::CheckNonCasDemand(&gc.refMethodNonCasDemands);
-    }
-
-Exit1:;
-    GCPROTECT_END();
-}
-
-FCIMPL3(INT32, AppDomainNative::ExecuteAssembly, AppDomainBaseObject* refThisUNSAFE,
-    AssemblyBaseObject* assemblyNameUNSAFE, PTRArray* stringArgsUNSAFE)
-{
-    FCALL_CONTRACT;
-
-    INT32 iRetVal = 0;
-
-    struct _gc
-    {
-        APPDOMAINREF    refThis;
-        ASSEMBLYREF     assemblyName;
-        PTRARRAYREF     stringArgs;
-    } gc;
-
-    gc.refThis      = (APPDOMAINREF) refThisUNSAFE;
-    gc.assemblyName = (ASSEMBLYREF)  assemblyNameUNSAFE;
-    gc.stringArgs   = (PTRARRAYREF)  stringArgsUNSAFE;
-
-    HELPER_METHOD_FRAME_BEGIN_RET_PROTECT(gc);
-
-    AppDomain* pDomain = ValidateArg(gc.refThis);
-
-    if (gc.assemblyName == NULL)
-        COMPlusThrow(kArgumentNullException, W("ArgumentNull_Generic"));
-
-    if((BaseDomain*) pDomain == SystemDomain::System()) 
-        COMPlusThrow(kUnauthorizedAccessException, W("UnauthorizedAccess_SystemDomain"));
-
-    Assembly* pAssembly = (Assembly*) gc.assemblyName->GetAssembly();
-
-    if (!pDomain->m_pRootAssembly)
-        pDomain->m_pRootAssembly = pAssembly;
-
-    MethodDesc *pEntryPointMethod;
-    {
-        pEntryPointMethod = pAssembly->GetEntryPoint();
-        if (pEntryPointMethod)
-        {
-            UpgradeLinkTimeCheckToLateBoundDemand(pEntryPointMethod);        
-        }
-    }
-
-    BOOL bCreatedConsole = FALSE;
-
-#ifndef FEATURE_PAL
-    if (pAssembly->GetManifestFile()->GetSubsystem() == IMAGE_SUBSYSTEM_WINDOWS_CUI)
-    {
-        {
-            GCX_COOP();
-            Security::CheckBeforeAllocConsole(pDomain, pAssembly);
-        }
-        bCreatedConsole = AllocConsole();
-        StackSString codebase;
-        pAssembly->GetManifestFile()->GetCodeBase(codebase);
-        SetConsoleTitle(codebase);
-    }
-#endif // !FEATURE_PAL
-
-    // This helper will call FreeConsole()
-    iRetVal = ExecuteAssemblyHelper(pAssembly, bCreatedConsole, &gc.stringArgs);
-
-    HELPER_METHOD_FRAME_END();
-
-    return iRetVal;
-}
-FCIMPLEND
-
 #ifdef FEATURE_VERSIONING
 FCIMPL1(void,
         AppDomainNative::CreateContext,
author	Jan Kotas <jkotas@microsoft.com>	2017-02-06 06:53:42 -0800
committer	GitHub <noreply@github.com>	2017-02-06 06:53:42 -0800
commit	5c47caa806e6907df81e7a96864984df4d0f38cd (patch)
tree	e3437edcb63f42f98c93eb425b4e7a750eda73df /src/vm/appdomainnative.cpp
parent	0b064eef415468f50e7360256e42737d247eb677 (diff)
download	coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.gz coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.bz2 coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.zip