blob: 7e55a8d59768bda83486859026cf036796474439 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
//
//
#include "common.h"
#include "appdomainstack.h"
#include "appdomainstack.inl"
#include "security.h"
#include "securitypolicy.h"
#include "appdomain.inl"
#ifdef FEATURE_REMOTING
#include "crossdomaincalls.h"
#else
#include "callhelpers.h"
#endif
#ifdef _DEBUG
void AppDomainStack::CheckOverridesAssertCounts()
{
LIMITED_METHOD_CONTRACT;
DWORD dwAppDomainIndex = 0;
DWORD dwOverrides = 0;
DWORD dwAsserts = 0;
AppDomainStackEntry *pEntry = NULL;
for(dwAppDomainIndex=0;dwAppDomainIndex<m_numEntries;dwAppDomainIndex++)
{
pEntry = __GetEntryPtr(dwAppDomainIndex);
dwOverrides += pEntry->m_dwOverridesCount;
dwAsserts += pEntry->m_dwAsserts;
}
_ASSERTE(dwOverrides == m_dwOverridesCount);
_ASSERTE(dwAsserts == m_dwAsserts);
}
#endif
BOOL AppDomainStackEntry::IsFullyTrustedWithNoStackModifiers(void)
{
LIMITED_METHOD_CONTRACT;
if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
return FALSE;
AppDomainFromIDHolder pDomain(m_domainID, FALSE);
if (pDomain.IsUnloaded())
return FALSE;
IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
if (currAppSecDesc == NULL)
return FALSE;
return Security::CheckDomainWideSpecialFlag(currAppSecDesc, 1 << SECURITY_FULL_TRUST);
}
BOOL AppDomainStackEntry::IsHomogeneousWithNoStackModifiers(void)
{
LIMITED_METHOD_CONTRACT;
if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
return FALSE;
AppDomainFromIDHolder pDomain(m_domainID, FALSE);
if (pDomain.IsUnloaded())
return FALSE;
IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
if (currAppSecDesc == NULL)
return FALSE;
return (currAppSecDesc->IsHomogeneous() && !currAppSecDesc->ContainsAnyRefusedPermissions());
}
BOOL AppDomainStackEntry::HasFlagsOrFullyTrustedWithNoStackModifiers(DWORD flags)
{
LIMITED_METHOD_CONTRACT;
if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
return FALSE;
AppDomainFromIDHolder pDomain(m_domainID, FALSE);
if (pDomain.IsUnloaded())
return FALSE;
IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
if (currAppSecDesc == NULL)
return FALSE;
// either the desired flag (often 0) or fully trusted will do
flags |= (1<<SECURITY_FULL_TRUST);
return Security::CheckDomainWideSpecialFlag(currAppSecDesc, flags);
}
BOOL AppDomainStack::AllDomainsHomogeneousWithNoStackModifiers()
{
WRAPPER_NO_CONTRACT;
// Used primarily by CompressedStack code to decide if a CS has to be constructed
DWORD dwAppDomainIndex = 0;
InitDomainIteration(&dwAppDomainIndex);
while (dwAppDomainIndex != 0)
{
AppDomainStackEntry* pEntry = GetNextDomainEntryOnStack(&dwAppDomainIndex);
_ASSERTE(pEntry != NULL);
if (!pEntry->IsHomogeneousWithNoStackModifiers() && !pEntry->IsFullyTrustedWithNoStackModifiers())
return FALSE;
}
return TRUE;
}
|