4 // Dick Porter (dick@ximian.com)
5 // Lluis Sanchez Gual (lluis@ideary.com)
7 // (C) 2002 Ximian, Inc. http://www.ximian.com
8 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using System.Collections;
32 using System.Reflection;
33 using System.Runtime.InteropServices;
34 using System.Runtime.Remoting.Messaging;
35 using System.Security.Permissions;
37 namespace System.Runtime.Serialization.Formatters.Binary {
40 public sealed class BinaryFormatter : IRemotingFormatter, IFormatter
42 private FormatterAssemblyStyle assembly_format = FormatterAssemblyStyle.Simple;
43 private SerializationBinder binder;
44 private StreamingContext context;
45 private ISurrogateSelector surrogate_selector;
46 private FormatterTypeStyle type_format = FormatterTypeStyle.TypesAlways;
47 private TypeFilterLevel filter_level = TypeFilterLevel.Full;
49 public BinaryFormatter()
51 surrogate_selector=DefaultSurrogateSelector;
52 context=new StreamingContext(StreamingContextStates.All);
55 public BinaryFormatter(ISurrogateSelector selector, StreamingContext context)
57 surrogate_selector=selector;
62 // Deserializing objects of type Dictionary<,> List<> and friends does not work in a CoreCLR sandbox, because
63 // the default deserialization code uses reflection to do its job, and the fields being reflected on live in mscorlib.dll.
64 // DefaultSurrogateSelector enables embedders to provide an alternative method of deserializing specific types in a way
65 // that does not violate the CoreCLR rules. See https://gist.github.com/878267 for some actual code that provides CoreCLR safe
66 // deserialization code for List<> and Dictionary<,>.
67 // DefaultSurrogateSelector is private, and needs to be set by the embedder trough reflection, so we do not expose any public
68 // API point that is not present in .NET
69 static ISurrogateSelector DefaultSurrogateSelector { get; set; }
71 public FormatterAssemblyStyle AssemblyFormat
74 return(assembly_format);
77 assembly_format=value;
81 public SerializationBinder Binder
91 public StreamingContext Context
101 public ISurrogateSelector SurrogateSelector
104 return(surrogate_selector);
107 surrogate_selector=value;
111 public FormatterTypeStyle TypeFormat
121 public TypeFilterLevel FilterLevel
123 get { return filter_level; }
124 set { filter_level = value; }
127 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
128 public object Deserialize (Stream serializationStream)
130 return NoCheckDeserialize (serializationStream, null);
133 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
134 public object Deserialize (Stream serializationStream, HeaderHandler handler)
136 return NoCheckDeserialize (serializationStream, handler);
139 // shared by Deserialize and UnsafeDeserialize which both involve different security checks
140 private object NoCheckDeserialize (Stream serializationStream, HeaderHandler handler)
142 if(serializationStream==null)
144 throw new ArgumentNullException("serializationStream");
146 if(serializationStream.CanSeek &&
147 serializationStream.Length==0)
149 throw new SerializationException("serializationStream supports seeking, but its length is 0");
152 BinaryReader reader = new BinaryReader (serializationStream);
155 ReadBinaryHeader (reader, out hasHeader);
157 // Messages are read using a special static method, which does not use ObjectReader
158 // if it is not needed. This saves time and memory.
160 BinaryElement elem = (BinaryElement) reader.Read ();
162 if (elem == BinaryElement.MethodCall) {
163 return MessageFormatter.ReadMethodCall (elem, reader, hasHeader, handler, this);
165 else if (elem == BinaryElement.MethodResponse) {
166 return MessageFormatter.ReadMethodResponse (elem, reader, hasHeader, handler, null, this);
169 ObjectReader serializer = new ObjectReader (this);
173 serializer.ReadObjectGraph (elem, reader, hasHeader, out result, out headers);
174 if (handler != null) handler(headers);
179 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
180 public object DeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
182 return NoCheckDeserializeMethodResponse (serializationStream, handler, methodCallMessage);
185 // shared by DeserializeMethodResponse and UnsafeDeserializeMethodResponse which both involve different security checks
186 private object NoCheckDeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
188 if(serializationStream==null) {
189 throw new ArgumentNullException("serializationStream");
191 if(serializationStream.CanSeek &&
192 serializationStream.Length==0) {
193 throw new SerializationException("serializationStream supports seeking, but its length is 0");
196 BinaryReader reader = new BinaryReader (serializationStream);
199 ReadBinaryHeader (reader, out hasHeader);
200 return MessageFormatter.ReadMethodResponse (reader, hasHeader, handler, methodCallMessage, this);
203 public void Serialize(Stream serializationStream, object graph)
205 Serialize (serializationStream, graph, null);
208 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
209 public void Serialize(Stream serializationStream, object graph, Header[] headers)
211 if(serializationStream==null) {
212 throw new ArgumentNullException ("serializationStream");
215 BinaryWriter writer = new BinaryWriter (serializationStream);
216 WriteBinaryHeader (writer, headers!=null);
218 if (graph is IMethodCallMessage) {
219 MessageFormatter.WriteMethodCall (writer, graph, headers, this);
221 else if (graph is IMethodReturnMessage) {
222 MessageFormatter.WriteMethodResponse (writer, graph, headers, this);
225 ObjectWriter serializer = new ObjectWriter (this);
226 serializer.WriteObjectGraph (writer, graph, headers);
231 // faster version (under CAS) as this requires a LinkDemand versus full Demand (i.e. a stack-walk)
232 // shouldn't be called unless the code is intended to be executed at full-trust
234 [SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
235 public object UnsafeDeserialize (Stream serializationStream, HeaderHandler handler)
237 return NoCheckDeserialize (serializationStream, handler);
240 // faster version (under CAS) as this requires a LinkDemand versus full Demand (i.e. a stack-walk)
241 // shouldn't be called unless the code is intended to be executed at full-trust
243 [SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
244 public object UnsafeDeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
246 return NoCheckDeserializeMethodResponse (serializationStream, handler, methodCallMessage);
249 private void WriteBinaryHeader (BinaryWriter writer, bool hasHeaders)
251 writer.Write ((byte)BinaryElement.Header);
252 writer.Write ((int)1);
253 if (hasHeaders) writer.Write ((int)2);
254 else writer.Write ((int)-1);
255 writer.Write ((int)1);
256 writer.Write ((int)0);
259 private void ReadBinaryHeader (BinaryReader reader, out bool hasHeaders)
263 int val = reader.ReadInt32();
264 hasHeaders = (val==2);