[Mono-list] security issue with UM code??

itsme notyou randombreaks at gmail.com
Tue Oct 25 18:23:00 EDT 2005

Thanks for the reply Sebastian.
 I was reading through the archives and found this
http://lists.ximian.com/pipermail/mono-list/2005-October/029118.html. This
says the "content of pointer will be copied to unmanaged memory", which is
quite different from what MSDN says.
 My structure looks something like this:

     struct XYZ {
         int field1;        // I don't marshal any of
         int field2;
         short field3;
         IntPtr ptr;        // These are marshalled manually and put on
         char *charptr;     // UM memory by my C# code.
     }
     XYZ xyz;
     func(ref xyz);         // unmanaged call

 My understanding is that fields that are blittable are never copied to UM
memory if they are part of a struct/class passed by reference; all others are
marshalled manually and a ptr is passed.
What if the structure has some field like boolean/string which has to be
marshalled? Should it also be treated as an IntPtr? (I haven't had this case
in my app as yet, just asking for information.)
 So, when passing by reference, the address of xyz is passed and UM code
accesses field1, field2, field3 from managed memory and the rest from
unmanaged memory? (according to MSDN)
 Or, as the mailing list link says, field1, field2, field3 are being
copied to unmanaged memory along with the pointers to the last two fields?
 Have I inferred it correctly?
 My problem occurs when these fields are accessed and understanding where
the data resides will almost surely pinpoint the corruption source.
 Your expert opinion will help me solve my problem sooner.

 On 10/25/05, Sebastien Pouliot <sebastien.pouliot at gmail.com> wrote:
> Hello Sanjay,
> On Tue, 2005-10-25 at 09:54 -0700, itsme notyou wrote:
> > MSDN says : " When parameters are passed by reference, a pointer to
> > the parameters on the managed heap is passed to the unmanaged code.
> > Since the unmanaged code receives a pointer, it is possible for the
> > method to modify the data held on the managed heap. "
> >
> > So the intermediate Unmanaged representation is omitted (unless
> > manually specified and alloced on unmanaged memory for complex types)
> > and UM code operates directly on managed heap.
> >
> > Won't this give privileges to the unmanaged code to possibly corrupt
> > the heap?? And since the call is in the same thread, UM code can
> > easily corrupt the managed heap.
> Yes but from a security point of view all bets are off when you use
> unmanaged code.
> That's why there's an UnmanagedCode permission in CAS (Code Access
> Security) to disallow managed code from calling native code. Sadly once
> native code is called nothing can guarantee the security manager (or any
> other structure/data) integrity.
> > My managed heap seems overwritten (very subtly changed) and am unable
> > to point it to the culprit....I am guessing that the above is
> > happening. Any clue?
> >
> > -
> > Sanjay.
> > _______________________________________________
> > Mono-list maillist - Mono-list at lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-list
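
One way to narrow down the kind of corruption discussed in this thread, as an added example that is not part of the original messages: give the callee an explicit unmanaged copy of the struct, surrounded by canary bytes, and check the canaries after the call. The names GuardedCall and Invoke, the guard size and the canary value are assumptions, and the two lambdas stand in for the real unmanaged function.

```csharp
using System;
using System.Runtime.InteropServices;

[StructLayout(LayoutKind.Sequential)]
struct XYZ   // mirrors the struct in the post; pointers carried as IntPtr
{
    public int field1, field2;
    public short field3;
    public IntPtr ptr, charptr;   // already point at unmanaged memory
}

static class GuardedCall
{
    const int Guard = 16;       // canary bytes on each side (constructed value)
    const byte Canary = 0xA5;

    // Copies 'value' into unmanaged memory between two canary regions, runs
    // 'nativeCall' on that copy, and copies it back only if the canaries survive.
    public static bool Invoke(ref XYZ value, Action<IntPtr> nativeCall)
    {
        int size = Marshal.SizeOf(typeof(XYZ));
        IntPtr block = Marshal.AllocHGlobal(size + 2 * Guard);
        try
        {
            for (int i = 0; i < size + 2 * Guard; i++)
                Marshal.WriteByte(block, i, Canary);
            IntPtr body = new IntPtr(block.ToInt64() + Guard);
            Marshal.StructureToPtr(value, body, false);
            nativeCall(body);   // callee sees only this copy
            bool intact = true;
            for (int i = 0; i < Guard; i++)
                intact &= Marshal.ReadByte(block, i) == Canary
                       && Marshal.ReadByte(block, Guard + size + i) == Canary;
            if (intact)
                value = (XYZ)Marshal.PtrToStructure(body, typeof(XYZ));
            return intact;
        }
        finally { Marshal.FreeHGlobal(block); }
    }

    static void Main()
    {
        XYZ xyz = new XYZ { field1 = 1, field2 = 2, field3 = 3 };
        int size = Marshal.SizeOf(typeof(XYZ));
        // Stand-ins for the unmanaged function: one in bounds, one overrunning.
        bool ok = Invoke(ref xyz, p => Marshal.WriteInt32(p, 0, 42));
        bool bad = Invoke(ref xyz, p => Marshal.WriteInt32(p, size, 0x41414141));
        Console.WriteLine("in-bounds intact={0} field1={1}; overrun intact={2}", ok, xyz.field1, bad);
    }
}
```

This only catches writes that land in the guard regions next to the struct; writes made through ptr or charptr need the same treatment on their own buffers.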