Whitelisting MethodInfo and ComVisibleAttribute

Post by gfoot » September 12th, 2014, 12:45 pm

Would it be possible to whitelist some of System.Reflection? My engine uses it to scan for certain kinds of functions, and also to serialize the simulation's state, to store/restore the state and/or checksum it.

The main error I've been seeing so far is due to System.Reflection.MethodInfo not being whitelisted. I'd hope this wouldn't cause any security issues - this level of reflection only really lets you discover things at runtime which you could potentially have referenced explicitly.

On a related note, I also get whitelisting errors about ComVisibleAttribute, which is required by System.AttributeUsage, which in turn is pretty much required when you define custom attributes to mark members for later inspection by the reflection API. I don't see any security issues with ComVisibleAttribute so it feels like it ought to be OK to whitelist that. These things are all allowed in Unity's webplayer for example, which presumably has security concerns similar to your servers'.

If this sounds OK in principle then I'd be happy to provide some sample code that exercises these features, so you can check you've whitelisted enough things to make the code work.

Thanks
gfoot
 
Posts: 21
Joined: July 31st, 2014, 11:44 pm

Re: Whitelisting MethodInfo and ComVisibleAttribute

Post by Guillaume » September 12th, 2014, 11:16 pm

Can't you use C# interface logic to implement your requested behavior?
Guillaume
 
Posts: 277
Joined: March 28th, 2014, 1:59 am
Location: France

Re: Whitelisting MethodInfo and ComVisibleAttribute

Post by gfoot » September 12th, 2014, 11:37 pm

I don't see how that could help.

To give a bit more context, I am porting my RTS networking library to work on Yahoo Games Network, and my library makes life easy for game developers by using reflection to scan for certain elements in their code - it identifies certain entry points, and also has the ability to recursively snapshot the entire game state and store or checksum it. In the same way, Yahoo's server scans our assemblies to find Game<> classes so that we don't have to explicitly register them.

It is possible to do these things more explicitly, and I hacked that together yesterday to check it works, but it puts a great burden on the game developer to ensure that they do correctly declare and serialise everything, etc. At the end of the day I decided that I'm not willing to compromise my library's API to that extent just to get it running serverside.

There is another option - generating an auxiliary assembly containing auto-generated methods to do the serialisation etc - which may be viable, but that is a lot of work for me to implement which would be redundant if Yahoo could whitelist these types, so I wanted to ask for that before committing time to this more complex non-reflection approach.
gfoot
 
Posts: 21
Joined: July 31st, 2014, 11:44 pm
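
The explicit, non-reflection route described in the post above, sketched as an added example (not code from gfoot's library or from Yahoo Games Network): each type hashes its own fields through a hypothetical `IChecksummable` interface, so no `System.Reflection` types are needed. All type names and the sample units are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical interface: every simulation object writes its own state explicitly.
public interface IChecksummable { void WriteState(StateHasher hasher); }

// FNV-1a (32-bit) over explicitly supplied values, fed low byte first so the result is deterministic.
public sealed class StateHasher
{
    private uint hash = 2166136261;
    public uint Result { get { return hash; } }
    public void Add(int value)
    {
        for (int shift = 0; shift < 32; shift += 8)
        {
            hash ^= (uint)((value >> shift) & 0xFF);
            hash = unchecked(hash * 16777619);
        }
    }
}

public sealed class Unit : IChecksummable
{
    private int x, y, health;
    public Unit(int x, int y, int health) { this.x = x; this.y = y; this.health = health; }
    public void Heal(int amount) { health += amount; }
    // Private fields are reachable here only because the class serialises itself.
    public void WriteState(StateHasher h) { h.Add(x); h.Add(y); h.Add(health); }
}

public static class Program
{
    public static uint Checksum(IEnumerable<IChecksummable> world)
    {
        var hasher = new StateHasher();
        foreach (var item in world) item.WriteState(hasher);
        return hasher.Result;
    }

    public static void Main()
    {
        var authoritative = new List<IChecksummable> { new Unit(1, 2, 100), new Unit(5, 5, 80) };
        var reported = new List<IChecksummable> { new Unit(1, 2, 100), new Unit(5, 5, 80) };
        ((Unit)reported[1]).Heal(20); // constructed divergence between the two copies
        uint a = Checksum(authoritative), b = Checksum(reported);
        Console.WriteLine("authoritative {0:X8} reported {1:X8} match={2}", a, b, a == b);
    }
}
```

A field left out of `WriteState` silently drops out of the checksum, which is the burden on the game developer that the post refers to.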

Re: Whitelisting MethodInfo and ComVisibleAttribute

Post by Guillaume » September 12th, 2014, 11:51 pm

Yes, I see what you are talking about.

Of course it would be super cool from YGN, but I doubt they will accept; I believe this request has been made in the past already...
If I remember, the reflection limitation is about the CPU power needed to do reflection. It's maybe not very heavy, but they don't want a lot of server-side code from different developers to just overload their server.

So it makes sense to me that Reflection is blacklisted.

However, as you said, you may generate an auxiliary assembly to do what you want. I don't know your exact context, but it would effectively be like Visual Studio code generators (like Text Transform), or something like the AOT process in Mono (more specifically for iOS), to know the method signatures in advance!

You may try to see if you can do something in an AOT way with your implementation.

But don't forget, and correct me if I'm wrong, but your server-side code must complete with only one DLL; I'm not sure that YGN lets you use a DLL and an auxiliary DLL at the same time.

If it's true, you must also think about a way to embed your auxiliary DLL in the main DLL.

But I hope you will get a positive answer from YGN!
Guillaume
 
Posts: 277
Joined: March 28th, 2014, 1:59 am
Location: France

Re: Whitelisting MethodInfo and ComVisibleAttribute

Post by gfoot » September 13th, 2014, 1:09 am

Thanks, maybe the text templating stuff is the way to go. I played with that a few years ago, never really had a solid need though.

Private fields become a problem with that approach in any case. I might have to just not do this on Yahoo, which would be a shame as I really like the service, it seems well designed and has good breadth. I can support the Yahoo backend without this too, it just won't be so cheat-resistant.

For the multiple DLL thing, I am already using ILMerge to merge the game DLL with my library DLL, and it seems to work well so long as all the DLLs involved use the same .NET version. I'd recommend it to anyone else who wants to upload multiple DLLs.
gfoot
 
Posts: 21
Joined: July 31st, 2014, 11:44 pm

Re: Whitelisting MethodInfo and ComVisibleAttribute

Post by Guillaume » September 13th, 2014, 11:29 am

I don't know how you rely about your RTS Networking library, but it seems possible from MonoDevelop and Visual Studio of course.

Here is a simple tutorial about this and Unity: http://www.gamasutra.com/blogs/LiorTal/ ... _Unity.php

However, must the developer open MonoDevelop/Visual Studio to achieve the code generation?
Or is there a way to fire the T4 generation script from Unity?

For the moment I don't know. If you find some info about it, I would be happy to know it!

Thanks for the ILMerge info :)
Guillaume
 
Posts: 277
Joined: March 28th, 2014, 1:59 am
Location: France
