mcs/class/corlib/System.Runtime.Serialization.Formatters.Binary/BinaryFormatter.cs

   1 // BinaryFormatter.cs
   2 //
   3 // Author:
   4 //      Dick Porter (dick@ximian.com)
   5 //  Lluis Sanchez Gual (lluis@ideary.com)
   6 //
   7 // (C) 2002 Ximian, Inc.  http://www.ximian.com
   8 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
   9 //
  10 // Permission is hereby granted, free of charge, to any person obtaining
  11 // a copy of this software and associated documentation files (the
  12 // "Software"), to deal in the Software without restriction, including
  13 // without limitation the rights to use, copy, modify, merge, publish,
  14 // distribute, sublicense, and/or sell copies of the Software, and to
  15 // permit persons to whom the Software is furnished to do so, subject to
  16 // the following conditions:
  17 //
  18 // The above copyright notice and this permission notice shall be
  19 // included in all copies or substantial portions of the Software.
  20 //
  21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  28 //
  29
  30 using System.Collections;
  31 using System.IO;
  32 using System.Reflection;
  33 using System.Runtime.InteropServices;
  34 using System.Runtime.Remoting.Messaging;
  35 using System.Security.Permissions;
  36
  37 namespace System.Runtime.Serialization.Formatters.Binary {
  38
  39         [ComVisible (true)]
  40         public sealed class BinaryFormatter :
  41 #if !FULL_AOT_RUNTIME
  42                                                 IRemotingFormatter,
  43 #endif
  44                                                 IFormatter
  45         {
  46                 private FormatterAssemblyStyle assembly_format = FormatterAssemblyStyle.Simple;
  47                 private SerializationBinder binder;
  48                 private StreamingContext context;
  49                 private ISurrogateSelector surrogate_selector;
  50                 private FormatterTypeStyle type_format = FormatterTypeStyle.TypesAlways;
  51                 private TypeFilterLevel filter_level = TypeFilterLevel.Full;
  52
  53                 public BinaryFormatter()
  54                 {
  55                         surrogate_selector=DefaultSurrogateSelector;
  56                         context=new StreamingContext(StreamingContextStates.All);
  57                 }
  58
  59                 public BinaryFormatter(ISurrogateSelector selector, StreamingContext context)
  60                 {
  61                         surrogate_selector=selector;
  62                         this.context=context;
  63                 }
  64
  65
  66                 // Deserializing objects of type Dictionary<,> List<> and friends does not work in a CoreCLR sandbox, because
  67                 // the default deserialization code uses reflection to do its job, and the fields being reflected on live in mscorlib.dll.
  68                 // DefaultSurrogateSelector enables embedders to provide an alternative method of deserializing specific types in a way
  69                 // that does not violate the CoreCLR rules. See https://gist.github.com/878267 for some actual code that provides CoreCLR safe
  70                 // deserialization code for List<> and Dictionary<,>.
  71                 // DefaultSurrogateSelector is private, and needs to be set by the embedder trough reflection, so we do not expose any public
  72                 // API point that is not present in .NET
  73                 static ISurrogateSelector DefaultSurrogateSelector { get; set; }
  74
  75                 public FormatterAssemblyStyle AssemblyFormat
  76                 {
  77                         get {
  78                                 return(assembly_format);
  79                         }
  80                         set {
  81                                 assembly_format=value;
  82                         }
  83                 }
  84
  85                 public SerializationBinder Binder
  86                 {
  87                         get {
  88                                 return(binder);
  89                         }
  90                         set {
  91                                 binder=value;
  92                         }
  93                 }
  94
  95                 public StreamingContext Context
  96                 {
  97                         get {
  98                                 return(context);
  99                         }
 100                         set {
 101                                 context=value;
 102                         }
 103                 }
 104
 105                 public ISurrogateSelector SurrogateSelector
 106                 {
 107                         get {
 108                                 return(surrogate_selector);
 109                         }
 110                         set {
 111                                 surrogate_selector=value;
 112                         }
 113                 }
 114
 115                 public FormatterTypeStyle TypeFormat
 116                 {
 117                         get {
 118                                 return(type_format);
 119                         }
 120                         set {
 121                                 type_format=value;
 122                         }
 123                 }
 124
 125                 public TypeFilterLevel FilterLevel
 126                 {
 127                         get { return filter_level; }
 128                         set { filter_level = value; }
 129                 }
 130
 131                 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
 132                 public object Deserialize (Stream serializationStream)
 133                 {
 134                         return NoCheckDeserialize (serializationStream, null);
 135                 }
 136
 137                 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
 138                 public object Deserialize (Stream serializationStream, HeaderHandler handler)
 139                 {
 140                         return NoCheckDeserialize (serializationStream, handler);
 141                 }
 142
 143                 // shared by Deserialize and UnsafeDeserialize which both involve different security checks
 144                 private object NoCheckDeserialize (Stream serializationStream, HeaderHandler handler)
 145                 {
 146                         if(serializationStream==null)
 147                         {
 148                                 throw new ArgumentNullException("serializationStream");
 149                         }
 150                         if(serializationStream.CanSeek &&
 151                                 serializationStream.Length==0)
 152                         {
 153                                 throw new SerializationException("serializationStream supports seeking, but its length is 0");
 154                         }
 155
 156                         BinaryReader reader = new BinaryReader (serializationStream);
 157
 158                         bool hasHeader;
 159                         ReadBinaryHeader (reader, out hasHeader);
 160
 161                         // Messages are read using a special static method, which does not use ObjectReader
 162                         // if it is not needed. This saves time and memory.
 163
 164                         BinaryElement elem = (BinaryElement) reader.Read ();
 165
 166                         if (elem == BinaryElement.MethodCall) {
 167                                 return MessageFormatter.ReadMethodCall (elem, reader, hasHeader, handler, this);
 168                         }
 169                         else if (elem == BinaryElement.MethodResponse) {
 170                                 return MessageFormatter.ReadMethodResponse (elem, reader, hasHeader, handler, null, this);
 171                         }
 172                         else {
 173                                 ObjectReader serializer = new ObjectReader (this);
 174
 175                                 object result;
 176                                 Header[] headers;
 177                                 serializer.ReadObjectGraph (elem, reader, hasHeader, out result, out headers);
 178                                 if (handler != null) handler(headers);
 179                                 return result;
 180                         }
 181                 }
 182
 183                 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
 184                 public object DeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
 185                 {
 186                         return NoCheckDeserializeMethodResponse (serializationStream, handler, methodCallMessage);
 187                 }
 188
 189                 // shared by DeserializeMethodResponse and UnsafeDeserializeMethodResponse which both involve different security checks
 190                 private object NoCheckDeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
 191                 {
 192                         if(serializationStream==null) {
 193                                 throw new ArgumentNullException("serializationStream");
 194                         }
 195                         if(serializationStream.CanSeek &&
 196                            serializationStream.Length==0) {
 197                                 throw new SerializationException("serializationStream supports seeking, but its length is 0");
 198                         }
 199
 200                         BinaryReader reader = new BinaryReader (serializationStream);
 201
 202                         bool hasHeader;
 203                         ReadBinaryHeader (reader, out hasHeader);
 204                         return MessageFormatter.ReadMethodResponse (reader, hasHeader, handler, methodCallMessage, this);
 205                 }
 206
 207                 public void Serialize(Stream serializationStream, object graph)
 208                 {
 209                         Serialize (serializationStream, graph, null);
 210                 }
 211
 212                 [SecurityPermission (SecurityAction.Demand, SerializationFormatter = true)]
 213                 public void Serialize(Stream serializationStream, object graph, Header[] headers)
 214                 {
 215                         if(serializationStream==null) {
 216                                 throw new ArgumentNullException ("serializationStream");
 217                         }
 218
 219                         BinaryWriter writer = new BinaryWriter (serializationStream);
 220                         WriteBinaryHeader (writer, headers!=null);
 221
 222                         if (graph is IMethodCallMessage) {
 223                                 MessageFormatter.WriteMethodCall (writer, graph, headers, this);
 224                         }
 225                         else if (graph is IMethodReturnMessage)  {
 226                                 MessageFormatter.WriteMethodResponse (writer, graph, headers, this);
 227                         }
 228                         else {
 229                                 ObjectWriter serializer = new ObjectWriter (this);
 230                                 serializer.WriteObjectGraph (writer, graph, headers);
 231                         }
 232                         writer.Flush();
 233                 }
 234
 235                 // faster version (under CAS) as this requires a LinkDemand versus full Demand (i.e. a stack-walk)
 236                 // shouldn't be called unless the code is intended to be executed at full-trust
 237                 [ComVisible (false)]
 238                 [SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
 239                 public object UnsafeDeserialize (Stream serializationStream, HeaderHandler handler)
 240                 {
 241                         return NoCheckDeserialize (serializationStream, handler);
 242                 }
 243
 244                 // faster version (under CAS) as this requires a LinkDemand versus full Demand (i.e. a stack-walk)
 245                 // shouldn't be called unless the code is intended to be executed at full-trust
 246                 [ComVisible (false)]
 247                 [SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
 248                 public object UnsafeDeserializeMethodResponse (Stream serializationStream, HeaderHandler handler, IMethodCallMessage methodCallMessage)
 249                 {
 250                         return NoCheckDeserializeMethodResponse (serializationStream, handler, methodCallMessage);
 251                 }
 252
 253                 private void WriteBinaryHeader (BinaryWriter writer, bool hasHeaders)
 254                 {
 255                         writer.Write ((byte)BinaryElement.Header);
 256                         writer.Write ((int)1);
 257                         if (hasHeaders) writer.Write ((int)2);
 258                         else writer.Write ((int)-1);
 259                         writer.Write ((int)1);
 260                         writer.Write ((int)0);
 261                 }
 262
 263                 private void ReadBinaryHeader (BinaryReader reader, out bool hasHeaders)
 264                 {
 265                         reader.ReadByte();
 266                         reader.ReadInt32();
 267                         int val = reader.ReadInt32();
 268                         hasHeaders = (val==2);
 269                         reader.ReadInt32();
 270                         reader.ReadInt32();
 271                 }
 272         }
 273 }