* Copyright 2001-2003 Ximian, Inc (http://www.ximian.com)
* Copyright 2004-2009 Novell, Inc (http://www.novell.com)
*/
+#include <config.h>
#include <mono/metadata/object-internals.h>
#include <mono/metadata/verify.h>
#include <mono/metadata/metadata.h>
#include <mono/metadata/metadata-internals.h>
#include <mono/metadata/class-internals.h>
+#include <mono/metadata/security-manager.h>
+#include <mono/metadata/security-core-clr.h>
#include <mono/metadata/tokentype.h>
#include <string.h>
#include <signal.h>
#include <ctype.h>
+static MiniVerifierMode verifier_mode = MONO_VERIFIER_MODE_OFF;
+static gboolean verify_all = FALSE;
+
+/*
+ * Set the desired level of checks for the verfier.
+ *
+ */
+void
+mono_verifier_set_mode (MiniVerifierMode mode)
+{
+ verifier_mode = mode;
+}
+
+void
+mono_verifier_enable_verify_all ()
+{
+ verify_all = TRUE;
+}
+
+#ifndef DISABLE_VERIFIER
/*
* Pull the list of opcodes
*/
return FALSE;
}
+/*
+ * Verify if @type is valid for the given @ctx verification context.
+ * this function checks for VAR and MVAR types that are invalid under the current verifier,
+ */
+static gboolean
+mono_type_is_valid_type_in_context (MonoType *type, MonoGenericContext *context)
+{
+ int i;
+ MonoGenericInst *inst;
+
+ switch (type->type) {
+ case MONO_TYPE_VAR:
+ case MONO_TYPE_MVAR:
+ if (!context)
+ return FALSE;
+ inst = type->type == MONO_TYPE_VAR ? context->class_inst : context->method_inst;
+ if (!inst || mono_type_get_generic_param_num (type) >= inst->type_argc)
+ return FALSE;
+ break;
+ case MONO_TYPE_SZARRAY:
+ return mono_type_is_valid_type_in_context (&type->data.klass->byval_arg, context);
+ case MONO_TYPE_ARRAY:
+ return mono_type_is_valid_type_in_context (&type->data.array->eklass->byval_arg, context);
+ case MONO_TYPE_PTR:
+ return mono_type_is_valid_type_in_context (type->data.type, context);
+ case MONO_TYPE_GENERICINST:
+ inst = type->data.generic_class->context.class_inst;
+ if (!inst->is_open)
+ break;
+ for (i = 0; i < inst->type_argc; ++i)
+ if (!mono_type_is_valid_type_in_context (inst->type_argv [i], context))
+ return FALSE;
+ break;
+ }
+ return TRUE;
+}
+
+/*This function returns NULL if the type is not instantiatable*/
+static MonoType*
+verifier_inflate_type (VerifyContext *ctx, MonoType *type, MonoGenericContext *context)
+{
+ if (!mono_type_is_valid_type_in_context (type, context))
+ return NULL;
+ return mono_class_inflate_generic_type (type, context);
+}
/*
* Test if @candidate is a subtype of @target using the minimal possible information
* TODO move the code for non finished TypeBuilders to here.
return FALSE;
for (i = 0; i < gc->type_argc; ++i) {
- MonoGenericParam *param = &gc->type_params [i];
+ MonoGenericParamInfo *param_info = mono_generic_container_get_param_info (gc, i);
MonoClass *paramClass;
MonoClass **constraints;
- if (!param->constraints && !(param->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK))
+ if (!param_info->constraints && !(param_info->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK))
continue;
if (mono_type_is_generic_argument (ginst->type_argv [i]))
continue; //it's not our job to validate type variables
return FALSE;
}
- if ((param->flags & GENERIC_PARAMETER_ATTRIBUTE_VALUE_TYPE_CONSTRAINT) && (!paramClass->valuetype || mono_class_is_nullable (paramClass)))
+ if ((param_info->flags & GENERIC_PARAMETER_ATTRIBUTE_VALUE_TYPE_CONSTRAINT) && (!paramClass->valuetype || mono_class_is_nullable (paramClass)))
return FALSE;
- if ((param->flags & GENERIC_PARAMETER_ATTRIBUTE_REFERENCE_TYPE_CONSTRAINT) && paramClass->valuetype)
+ if ((param_info->flags & GENERIC_PARAMETER_ATTRIBUTE_REFERENCE_TYPE_CONSTRAINT) && paramClass->valuetype)
return FALSE;
- if ((param->flags & GENERIC_PARAMETER_ATTRIBUTE_CONSTRUCTOR_CONSTRAINT) && !paramClass->valuetype && !mono_class_has_default_constructor (paramClass))
+ if ((param_info->flags & GENERIC_PARAMETER_ATTRIBUTE_CONSTRUCTOR_CONSTRAINT) && !paramClass->valuetype && !mono_class_has_default_constructor (paramClass))
return FALSE;
- if (!param->constraints)
+ if (!param_info->constraints)
continue;
- for (constraints = param->constraints; *constraints; ++constraints) {
+ for (constraints = param_info->constraints; *constraints; ++constraints) {
MonoClass *ctr = *constraints;
MonoType *inflated;
* This means that @candidate constraints are a super set of @target constaints
*/
static gboolean
-mono_generic_param_is_constraint_compatible (MonoGenericParam *target, MonoGenericParam *candidate, MonoGenericContext *context)
+mono_generic_param_is_constraint_compatible (VerifyContext *ctx, MonoGenericParam *target, MonoGenericParam *candidate, MonoGenericContext *context)
{
- int tmask = target->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK;
- int cmask = candidate->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK;
+ MonoGenericParamInfo *tinfo = mono_generic_param_info (target);
+ MonoGenericParamInfo *cinfo = mono_generic_param_info (candidate);
+
+ int tmask = tinfo->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK;
+ int cmask = cinfo->flags & GENERIC_PARAMETER_ATTRIBUTE_SPECIAL_CONSTRAINTS_MASK;
if ((tmask & cmask) != tmask)
return FALSE;
- if (target->constraints) {
+ if (tinfo->constraints) {
MonoClass **target_class, **candidate_class;
- if (!candidate->constraints)
+ if (!cinfo->constraints)
return FALSE;
- for (target_class = target->constraints; *target_class; ++target_class) {
- MonoType *inflated = mono_class_inflate_generic_type (&(*target_class)->byval_arg, context);
- MonoClass *tc = mono_class_from_mono_type (inflated);
+ for (target_class = tinfo->constraints; *target_class; ++target_class) {
+ MonoClass *tc;
+ MonoType *inflated = verifier_inflate_type (ctx, &(*target_class)->byval_arg, context);
+ if (!inflated)
+ return FALSE;
+ tc = mono_class_from_mono_type (inflated);
mono_metadata_free_type (inflated);
- for (candidate_class = candidate->constraints; *candidate_class; ++candidate_class) {
+ for (candidate_class = cinfo->constraints; *candidate_class; ++candidate_class) {
MonoClass *cc;
-
- inflated = mono_class_inflate_generic_type (&(*candidate_class)->byval_arg, context);
+ inflated = verifier_inflate_type (ctx, &(*candidate_class)->byval_arg, ctx->generic_context);
+ if (!inflated)
+ return FALSE;
cc = mono_class_from_mono_type (inflated);
mono_metadata_free_type (inflated);
MonoMethod *method = ctx->method;
int num;
- num = type->data.generic_param->num;
+ num = mono_type_get_generic_param_num (type);
if (type->type == MONO_TYPE_VAR) {
MonoClass *gtd = method->klass;
}
if (!gc)
return FALSE;
- return &gc->type_params [num];
+ return mono_generic_container_get_param (gc, num);
}
static gboolean
is_valid_type_in_context (VerifyContext *ctx, MonoType *type)
{
- if (mono_type_is_generic_argument (type) && !ctx->generic_context)
- return FALSE;
- if (type->type == MONO_TYPE_VAR) {
- if (!ctx->generic_context->class_inst)
- return FALSE;
- if (type->data.generic_param->num >= ctx->generic_context->class_inst->type_argc)
- return FALSE;
- } else if (type->type == MONO_TYPE_MVAR) {
- if (!ctx->generic_context->method_inst)
- return FALSE;
- if (type->data.generic_param->num >= ctx->generic_context->method_inst->type_argc)
- return FALSE;
- }
- return TRUE;
+ return mono_type_is_valid_type_in_context (type, ctx->generic_context);
}
static gboolean
int i;
for (i = 0; i < ginst->type_argc; ++i) {
MonoType *type = ginst->type_argv [i];
- MonoGenericParam *target = &gc->type_params [i];
+ MonoGenericParam *target = mono_generic_container_get_param (gc, i);
MonoGenericParam *candidate;
if (!mono_type_is_generic_argument (type))
candidate = verifier_get_generic_param_from_type (ctx, type);
- if (!mono_generic_param_is_constraint_compatible (target, candidate, context))
+ if (!mono_generic_param_is_constraint_compatible (ctx, target, candidate, context))
return FALSE;
}
return TRUE;
}
field = mono_field_from_token (ctx->image, token, klass, ctx->generic_context);
- if (!field) {
+ if (!field || !field->parent) {
ADD_VERIFY_ERROR2 (ctx, g_strdup_printf ("Cannot load field from token 0x%08x for %s at 0x%04x", token, opcode, ctx->ip_offset), MONO_EXCEPTION_BAD_IMAGE);
return NULL;
}
printf ("complex] (inst of %s )", value->type->data.generic_class->container_class->name);
return;
case MONO_TYPE_VAR:
- printf ("complex] (type generic param !%d - %s) ", value->type->data.generic_param->num, value->type->data.generic_param->name);
+ printf ("complex] (type generic param !%d - %s) ", value->type->data.generic_param->num, mono_generic_param_info (value->type->data.generic_param)->name);
return;
case MONO_TYPE_MVAR:
- printf ("complex] (method generic param !!%d - %s) ", value->type->data.generic_param->num, value->type->data.generic_param->name);
+ printf ("complex] (method generic param !!%d - %s) ", value->type->data.generic_param->num, mono_generic_param_info (value->type->data.generic_param)->name);
return;
default: {
//should be a boxed value
case MONO_TYPE_TYPEDBYREF:
return candidate->type == MONO_TYPE_TYPEDBYREF;
- case MONO_TYPE_VALUETYPE:
- if (candidate->type == MONO_TYPE_VALUETYPE && target->data.klass == candidate->data.klass)
+ case MONO_TYPE_VALUETYPE: {
+ MonoClass *target_klass = mono_class_from_mono_type (target);
+ MonoClass *candidate_klass = mono_class_from_mono_type (candidate);
+
+ if (target_klass == candidate_klass)
return TRUE;
if (mono_type_is_enum_type (target)) {
target = mono_type_get_underlying_type_any (target);
goto handle_enum;
}
return FALSE;
+ }
case MONO_TYPE_VAR:
if (candidate->type != MONO_TYPE_VAR)
return FALSE;
- return candidate->data.generic_param->num == target->data.generic_param->num;
+ return mono_type_get_generic_param_num (candidate) == mono_type_get_generic_param_num (target);
case MONO_TYPE_MVAR:
if (candidate->type != MONO_TYPE_MVAR)
return FALSE;
- return candidate->data.generic_param->num == target->data.generic_param->num;
+ return mono_type_get_generic_param_num (candidate) == mono_type_get_generic_param_num (target);
default:
VERIFIER_DEBUG ( printf ("unknown store type %d\n", target->type); );
static MonoGenericParam*
get_generic_param (VerifyContext *ctx, MonoType *param)
{
- guint16 param_num = param->data.generic_param->num;
+ guint16 param_num = mono_type_get_generic_param_num (param);
if (param->type == MONO_TYPE_VAR) {
if (!ctx->generic_context->class_inst || ctx->generic_context->class_inst->type_argc <= param_num) {
ADD_VERIFY_ERROR (ctx, g_strdup_printf ("Invalid generic type argument %d", param_num));
if (mono_type_is_generic_argument (candidate)) {
MonoGenericParam *param = get_generic_param (ctx, candidate);
MonoClass **class;
- for (class = param->constraints; class && *class; ++class) {
+ for (class = mono_generic_param_info (param)->constraints; class && *class; ++class) {
if (verify_type_compatibility_full (ctx, type, mono_type_get_type_byval (& (*class)->byval_arg), FALSE))
return TRUE;
}
return MONO_TYPE_IS_REFERENCE (candidate);
case MONO_TYPE_CLASS:
- if (candidate->type != MONO_TYPE_CLASS)
- return FALSE;
- return mono_class_is_assignable_from(target->data.klass, candidate->data.klass);
+ return mono_class_is_assignable_from(target->data.klass, mono_class_from_mono_type (candidate));
case MONO_TYPE_SZARRAY:
if (candidate->type != MONO_TYPE_SZARRAY)
case MONO_TYPE_VALUETYPE:
/*FIXME handle nullables and enum*/
- return candidate->type == MONO_TYPE_VALUETYPE && target->data.klass == candidate->data.klass;
+ return mono_class_from_mono_type (candidate) == mono_class_from_mono_type (target);
case MONO_TYPE_VAR:
- return candidate->type == MONO_TYPE_VAR && target->data.generic_param->num == candidate->data.generic_param->num;
+ return candidate->type == MONO_TYPE_VAR && mono_type_get_generic_param_num (target) == mono_type_get_generic_param_num (candidate);
return FALSE;
case MONO_TYPE_MVAR:
- return candidate->type == MONO_TYPE_MVAR && target->data.generic_param->num == candidate->data.generic_param->num;
+ return candidate->type == MONO_TYPE_MVAR && mono_type_get_generic_param_num (target) == mono_type_get_generic_param_num (candidate);
return FALSE;
default:
if (is_static_ldftn)
is_first_arg_bound = mono_method_signature (invoke)->param_count + 1 == mono_method_signature (method)->param_count;
- if (!mono_delegate_signature_equal (mono_method_signature (invoke), mono_method_signature (method), is_first_arg_bound))
- CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Function pointer parameter for delegate constructor has diferent signature at 0x%04x", ctx->ip_offset));
+ if (!mono_delegate_signature_equal (mono_method_signature (invoke), mono_method_signature (method), is_first_arg_bound)) {
+ char *fun_sig = mono_signature_get_desc (mono_method_signature (method), FALSE);
+ char *invoke_sig = mono_signature_get_desc (mono_method_signature (invoke), FALSE);
+ CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Function pointer signature '%s' doesn't match delegate's signature '%s' at 0x%04x", fun_sig, invoke_sig, ctx->ip_offset));
+ g_free (fun_sig);
+ g_free (invoke_sig);
+ }
/*
* Delegate code sequences:
if (!verify_stack_type_compatibility (ctx, sig->params[i], value)) {
char *stack_name = stack_slot_full_name (value);
char *sig_name = mono_type_full_name (sig->params [i]);
- CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Incompatible parameter value with function signature: %s X %s at 0x%04x", sig_name, stack_name, ctx->ip_offset));
+ CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Incompatible parameter with function signature: Calling method with signature (%s) but for argument %d there is a (%s) on stack at 0x%04x", sig_name, i, stack_name, ctx->ip_offset));
g_free (stack_name);
g_free (sig_name);
}
if (!verify_stack_type_compatibility (ctx, type, ©))
CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Incompatible this argument on stack with method signature at 0x%04x", ctx->ip_offset));
- if (!IS_SKIP_VISIBILITY (ctx) && !mono_method_can_access_method_full (ctx->method, method, value->type->data.klass))
- CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Method is not accessible at 0x%04x", ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ if (!IS_SKIP_VISIBILITY (ctx) && !mono_method_can_access_method_full (ctx->method, method, mono_class_from_mono_type (value->type))) {
+ char *name = mono_method_full_name (method, TRUE);
+ CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Method %s is not accessible at 0x%04x", name, ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ g_free (name);
+ }
- } else if (!IS_SKIP_VISIBILITY (ctx) && !mono_method_can_access_method_full (ctx->method, method, NULL))
- CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Method is not accessible at 0x%04x", ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ } else if (!IS_SKIP_VISIBILITY (ctx) && !mono_method_can_access_method_full (ctx->method, method, NULL)) {
+ char *name = mono_method_full_name (method, TRUE);
+ CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Method %s is not accessible at 0x%04x", name, ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ g_free (name);
+ }
if (sig->ret->type != MONO_TYPE_VOID) {
if (check_overflow (ctx)) {
else if (IS_STRICT_MODE (ctx) && !mono_metadata_type_equal (type, stack))
CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Type token of initobj not compatible with value on stack at 0x%04x", ctx->ip_offset));
} else if (!verify_type_compatibility (ctx, stack, type)) {
- CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Type token of initobj not compatible with value on stack at 0x%04x", ctx->ip_offset));
+ char *expected_name = mono_type_full_name (type);
+ char *stack_name = mono_type_full_name (stack);
+
+ CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Initobj %s not compatible with value on stack %s at 0x%04x", expected_name, stack_name, ctx->ip_offset));
+ g_free (expected_name);
+ g_free (stack_name);
}
}
if (method->klass->flags & (TYPE_ATTRIBUTE_ABSTRACT | TYPE_ATTRIBUTE_INTERFACE))
CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Trying to instantiate an abstract or interface type at 0x%04x", ctx->ip_offset));
- if (!mono_method_can_access_method_full (ctx->method, method, NULL))
- CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Constructor not visible at 0x%04x", ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ if (!mono_method_can_access_method_full (ctx->method, method, NULL)) {
+ char *from = mono_method_full_name (ctx->method, TRUE);
+ char *to = mono_method_full_name (method, TRUE);
+ CODE_NOT_VERIFIABLE2 (ctx, g_strdup_printf ("Constructor %s not visible from %s at 0x%04x", to, from, ctx->ip_offset), MONO_EXCEPTION_METHOD_ACCESS);
+ g_free (from);
+ g_free (to);
+ }
//FIXME use mono_method_get_signature_full
sig = mono_method_signature (method);
if (!stack_slot_is_null_literal (exception) && !(stack_slot_get_type (exception) == TYPE_COMPLEX && !mono_class_from_mono_type (exception->type)->valuetype))
CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Invalid type on stack for throw, expected reference type at 0x%04x", ctx->ip_offset));
+ if (mono_type_is_generic_argument (exception->type) && !stack_slot_is_boxed_value (exception)) {
+ char *name = mono_type_full_name (exception->type);
+ CODE_NOT_VERIFIABLE (ctx, g_strdup_printf ("Invalid type on stack for throw, expected reference type but found unboxed %s at 0x%04x ", name, ctx->ip_offset));
+ g_free (name);
+ }
/*The stack is left empty after a throw*/
ctx->eval.size = 0;
}
return;
}
- if (mono_metadata_token_index (token) >= ctx->image->heap_us.size) {
+ if (!ctx->image->dynamic && mono_metadata_token_index (token) >= ctx->image->heap_us.size) {
ADD_VERIFY_ERROR2 (ctx, g_strdup_printf ("Invalid string index %x at 0x%04x", token, ctx->ip_offset), MONO_EXCEPTION_BAD_IMAGE);
return;
}
verify_clause_relationship (VerifyContext *ctx, MonoExceptionClause *clause, MonoExceptionClause *to_test)
{
/*clause is nested*/
- if (is_clause_nested (to_test, clause)) {
- if (to_test->flags == MONO_EXCEPTION_CLAUSE_FILTER) {
- ADD_VERIFY_ERROR (ctx, g_strdup_printf ("Exception clause inside filter"));
- }
+ if (to_test->flags == MONO_EXCEPTION_CLAUSE_FILTER && is_clause_inside_range (clause, to_test->data.filter_offset, to_test->handler_offset)) {
+ ADD_VERIFY_ERROR (ctx, g_strdup_printf ("Exception clause inside filter"));
return;
}
}
/*not completelly disjoint*/
- if (is_clause_in_range (to_test, clause->try_offset, clause->try_offset + clause->try_len) ||
- is_clause_in_range (to_test, HANDLER_START (clause), clause->handler_offset + clause->handler_len))
+ if ((is_clause_in_range (to_test, clause->try_offset, clause->try_offset + clause->try_len) ||
+ is_clause_in_range (to_test, HANDLER_START (clause), clause->handler_offset + clause->handler_len)) && !is_clause_nested (to_test, clause))
ADD_VERIFY_ERROR (ctx, g_strdup_printf ("Exception clauses overlap"));
}
MonoExceptionClause *clause = ctx.header->clauses + i;
VERIFIER_DEBUG (printf ("clause try %x len %x filter at %x handler at %x len %x\n", clause->try_offset, clause->try_len, clause->data.filter_offset, clause->handler_offset, clause->handler_len); );
- if (clause->try_offset > ctx.code_size)
+ if (clause->try_offset > ctx.code_size || clause->try_offset + clause->try_len > ctx.code_size)
ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("try clause out of bounds at 0x%04x", clause->try_offset));
if (clause->try_len <= 0)
ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("try clause len <= 0 at 0x%04x", clause->try_offset));
- if (clause->handler_offset > ctx.code_size)
- ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("try clause out of bounds at 0x%04x", clause->try_offset));
+ if (clause->handler_offset > ctx.code_size || clause->handler_offset + clause->handler_len > ctx.code_size)
+ ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("handler clause out of bounds at 0x%04x", clause->try_offset));
if (clause->handler_len <= 0)
ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("try clause len <= 0 at 0x%04x", clause->try_offset));
break;
ctx.code [clause->try_offset].flags |= IL_CODE_FLAG_WAS_TARGET;
- ctx.code [clause->try_offset + clause->try_len].flags |= IL_CODE_FLAG_WAS_TARGET;
- ctx.code [clause->handler_offset + clause->handler_len].flags |= IL_CODE_FLAG_WAS_TARGET;
+ if (clause->try_offset + clause->try_len < ctx.code_size)
+ ctx.code [clause->try_offset + clause->try_len].flags |= IL_CODE_FLAG_WAS_TARGET;
+ if (clause->handler_offset + clause->handler_len < ctx.code_size)
+ ctx.code [clause->handler_offset + clause->handler_len].flags |= IL_CODE_FLAG_WAS_TARGET;
if (clause->flags == MONO_EXCEPTION_CLAUSE_NONE) {
init_stack_with_value_at_exception_boundary (&ctx, ctx.code + clause->handler_offset, clause->data.catch_class);
start = 1;
}
- if (clause->try_offset == ip_offset && ctx.eval.size > 0) {
+ if (clause->try_offset == ip_offset && ctx.eval.size > 0 && start == 0) {
ADD_VERIFY_ERROR (&ctx, g_strdup_printf ("Try to enter try block with a non-empty stack at 0x%04x", ip_offset));
start = 1;
}
return NULL;
}
-static MiniVerifierMode verifier_mode = MONO_VERIFIER_MODE_OFF;
-static gboolean verify_all = FALSE;
-
-/*
- * Set the desired level of checks for the verfier.
- *
- */
-void
-mono_verifier_set_mode (MiniVerifierMode mode)
-{
- verifier_mode = mode;
-}
-
-void
-mono_verifier_enable_verify_all ()
-{
- verify_all = TRUE;
-}
-
/*
* Returns true if @method needs to be verified.
*
return verify_all || (verifier_mode > MONO_VERIFIER_MODE_OFF && !klass->image->assembly->in_gac && klass->image != mono_defaults.corlib);
}
+gboolean
+mono_verifier_is_enabled_for_image (MonoImage *image)
+{
+ return verify_all || verifier_mode > MONO_VERIFIER_MODE_OFF;
+}
+
gboolean
mono_verifier_is_method_full_trust (MonoMethod *method)
{
*
* TODO This code doesn't take CAS into account.
*
- * This value is only pertinent to assembly verification and has
- * nothing to do with CoreClr security.
- *
* Under verify_all all user code must be verifiable if no security option was set
*
*/
gboolean
mono_verifier_is_class_full_trust (MonoClass *klass)
{
+ /* under CoreCLR code is trusted if it is part of the "platform" otherwise all code inside the GAC is trusted */
+ gboolean trusted_location = (mono_security_get_mode () != MONO_SECURITY_MODE_CORE_CLR) ?
+ klass->image->assembly->in_gac : mono_security_core_clr_is_platform_image (klass->image);
+
if (verify_all && verifier_mode == MONO_VERIFIER_MODE_OFF)
- return klass->image->assembly->in_gac || klass->image == mono_defaults.corlib;
- return verifier_mode < MONO_VERIFIER_MODE_VERIFIABLE || klass->image->assembly->in_gac || klass->image == mono_defaults.corlib;
+ return trusted_location || klass->image == mono_defaults.corlib;
+ return verifier_mode < MONO_VERIFIER_MODE_VERIFIABLE || trusted_location || klass->image == mono_defaults.corlib;
}
GSList*
return FALSE;
return TRUE;
}
+#else
+
+gboolean
+mono_verifier_verify_class (MonoClass *class)
+{
+ /* The verifier was disabled at compile time */
+ return TRUE;
+}
+
+GSList*
+mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility)
+{
+ /* The verifier was disabled at compile time */
+ return NULL;
+}
+
+gboolean
+mono_verifier_is_class_full_trust (MonoClass *klass)
+{
+ /* The verifier was disabled at compile time */
+ return TRUE;
+}
+
+gboolean
+mono_verifier_is_method_full_trust (MonoMethod *method)
+{
+ /* The verifier was disabled at compile time */
+ return TRUE;
+}
+
+gboolean
+mono_verifier_is_enabled_for_image (MonoImage *image)
+{
+ /* The verifier was disabled at compile time */
+ return FALSE;
+}
+
+gboolean
+mono_verifier_is_enabled_for_class (MonoClass *klass)
+{
+ /* The verifier was disabled at compile time */
+ return FALSE;
+}
+
+gboolean
+mono_verifier_is_enabled_for_method (MonoMethod *method)
+{
+ /* The verifier was disabled at compile time */
+ return FALSE;
+}
+
+GSList*
+mono_method_verify (MonoMethod *method, int level)
+{
+ /* The verifier was disabled at compile time */
+ return NULL;
+}
+
+void
+mono_free_verify_list (GSList *list)
+{
+ /* The verifier was disabled at compile time */
+ /* will always be null if verifier is disabled */
+}
+
+GSList*
+mono_image_verify_tables (MonoImage *image, int level)
+{
+ /* The verifier was disabled at compile time */
+ return NULL;
+}
+#endif