This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

RuntimeMethodHandle.GetFunctionPointer() doesn't demand UnmanagedCode Security Permission

Revision as of 11:40, 17 April 2009 by KirstenS (talk | contribs)

Jump to: navigation, search

According to the official documentation the System RuntimeMethodHandle.GetFunctionPointer Method requires "SecurityPermission for the ability to call unmanaged code. Associated enumeration: SecurityPermissionFlag.UnmanagedCode"(for 1.1 see RuntimeMethodHandle.GetFunctionPointer Method for 2.0 see RuntimeMethodHandle.GetFunctionPointer Method)

Using Reflector we can see that in 1.1 this is enforced by a declarative Security Demand:

[SecurityPermission(SecurityAction.Demand, UnmanagedCode=true)]
public IntPtr GetFunctionPointer()
     return RuntimeMethodHandle.InternalGetFunctionPointer(this.m_ptr);

but in 2.0 there is no security demand:

public extern IntPtr GetFunctionPointer();

This means that this code works in a 2.0 Partial Trust environment:

using System;
using System.Reflection;
namespace Owasp
   public class GetFunctionPointer
       public static void Main()
           Type tType = Type.GetType("Owasp.GetFunctionPointer"); //("System.String");
           MethodInfo[] miMethods = tType.GetMethods();
           foreach (MethodInfo mi in miMethods)
               Console.WriteLine(mi.Name + " : " +  Convert.ToString(mi.MethodHandle.GetFunctionPointer().ToInt64(),16));
           //MethodInfo mi = new MethodInfo()


Main : c80070
GetType : 79690ccc
ToString : 9127cc
Equals : 9127e0
GetHashCode : 9127f4

i.e. it worked!

Where in 1.1, the same code throws (as expected) a security exception:

Unhandled Exception: System.Security.SecurityException: Request for the permisson of type System.Security.Permissions.SecurityPermission, mscorlib, Version=1..5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.  
   at  System.Security.CodeAccessSecurityEngine.CheckTokenBasedSetHelper(Boolean ignoreGrants, TokenBasedSet grants, TokenBasedSet denied, TokenBasedSet demands 
   at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet denied, PermissionSet demands) 
   at System.RuntimeMethodHandle.GetFunctionPointer()  
   at Owasp.GetFunctionPointer.Main()
The state of the failed permission was:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Vrsion=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1"             Flags="UnmanagedCode"/>

I did attempt searching in Breaking Changes in .NET Framework 2.0 for this but since there is not search funcionality in there I gave up