google_ad_clIEnt = "pub-6430022987645146";google_ad_width = 160;google_ad_height = 600;google_ad_format = "160x600_as";google_cpa_choice = "CAEaCIxsmjE5mLWmUDRQHVAFUAdQLFAMUANQnQJQL1AU";google_color_border = "336699";google_color_bg = "FFFFFF";google_color_link = "0000FF";google_color_text = "000000";google_color_url = "008000";
google_ad_client = "pub-6430022987645146";google_ad_slot = "6984174763";google_ad_width = 160;google_ad_height = 600; google_ad_clIEnt = "pub-6430022987645146";google_ad_slot = "3992485859";google_ad_width = 468;google_ad_height = 60;
.NET的安全性問題是一個綜合性的問題,這不是我現在能學習好理解透的,我估計也不是一般的.Net的編碼者能夠把握住應用好的。
至少,在代碼集中,.Net的全局變量,或者說受Private修飾保護的對象,是不安全的。
在現實中有一個傳話游戲,其要義是,信息在信息鏈的傳遞過程中會失真。.Net也一樣,很難保證一個關鍵的信息在傳遞的過程中保持“純潔”而不被潛伏中的攻擊而受污染。特別是在大規模的代碼集中。
SecureString類
在.Net的設計中,SecureString類應該是安全系數比較高的。它有兩個作用,一是賦值後MakeReadOnly以便在後續的傳遞中不致修改,二是在必要的時候進行銷毀。但是用它來傳遞關鍵信息,比如密碼,還是不安全的。這個類裡頭有一個m_readOnly As Boolean的Private變量來保存當前實例可否修改的狀態,你可以重置該值為False,便可以對它重新修改,MakeReadOnly也就失去了它本身的作用。
ReadOnlyCollection類
它的本義是不能對當前實例的項目進行增刪。在它的設計中,用一個list的Private變量來存儲當前集合。事實並不能保證它的作用。你甚至可以用自己的list替換了它。
測試代碼
上面用到的 TypeHelp類:
TypeHelper.Methods.vb
Imports System.Runtime.InteropServices
Imports System.Collections.ObjectModel
Public Class NoSecure
Public Sub TestSecureString()
Dim t As New Security.SecureString
t.AppendChar("A"c)
t.AppendChar("B"c)
t.MakeReadOnly()
Console.WriteLine(Marshal.PtrToStringAuto(Marshal.SecureStringToBSTR(t)))
Dim h As New LzmTW.uSystem.uReflection.TypeHelper(t)
h.SetMemberValue("m_readOnly", False)
t.AppendChar("C"le="COLOR: #000000">c)
Console.WriteLine(Marshal.PtrToStringAuto(Marshal.SecureStringToBSTR(t)))
End Sub
Public Sub TestReadonlyCollection()
Dim t As New ReadOnlyCollection(Of String)(New String() {"A", "B", "C"})
For i As Integer = 0 To t.Count - 1
Console.Write(t.Item(i))
Next
Console.WriteLine()
Dim h As New LzmTW.uSystem.uReflection.TypeHelper(t)
Dim mNowList As New List(Of String)
mNowList.AddRange(New String() {"A", "B", "C", "D"})
h.SetMemberValue("list", mNowList)
For#000000"> i As Integer = 0 To t.Count - 1
Console.Write(t.Item(i))
Next
End Sub
End Class
Imports System.Reflection
Namespace LzmTW.uSystem.uReflection
Partial Class TypeHelper
Public Sub SetCurrentObj(ByVal obj As Object)
If Not obj Is Nothing> AndAlso Not Me.CurrentType.IsInstanceOfType(obj) Then
Throw New ArgumentException("實例類型與內部類型不相符")
End If
Me.gCurrentObjct = obj
End Sub
Public Function GetMemberValue(ByVal name As String, ByVal ParamArray args() As ObjectOR: #000000">) As Object
Return Me.CurrentType.InvokeMember( _
name, _
MemberGetBinding, _
Nothing, _
Me.CurrentObject, _
args)
End Function
Public Sub SetMemberValue(ByVal name As String, ByVal ParamArray args() As Object)
Metyle="COLOR: #000000">.CurrentType.InvokeMember( _
name, _
MemberSetBinding, _
Nothing, _
Me.CurrentObject, _
args)
End Sub
Public Function MethodInvoke(ByVal name As String, ByVal ParamArray args() As Object) As Object
Return Me.CurrentType.InvokeMember( _
name,
MethodBinding, _
Nothing, _
Me.CurrentObject, _
args)
End Function
Public Function NewInstance(ByVal ParamArray args() As Object) As Object
Dim mParaCount As Integer = args.Length
Dim mCtors As ConstructorInfo() = span>Me.CurrentType.GetConstructors(MethodBinding)
For Each ctro As ConstructorInfo In mCtors
If ctro.GetParameters.Length = mParaCount Then
Return ctro.Invoke(args)
End If
Next
Return Nothing
End Function
'''''' <summary>
''>'''' 可以使用*?[abc][!abc],忽略大小寫
'''''' </summary>
Public Function FindMember(ByVal name As String) As MemberInfo()
If String.IsNullOrEmpty(name) OrElse name = "*" Then
Return Me.CurrentType.GetMembers(Binding)
End If
Dim00"> mPattern As String = "*[*?]*"
If Not name Like mPattern Then Return Me.CurrentType.GetMember(name, Binding)
Dim mArray As New List(Of MemberInfo)
For Each m As MemberInfo In Me.CurrentType.GetMembers(Binding)
If m.Name.ToLower Like name.ToLower Then
mArray.Add(m)
End If
Next
Return mArray.ToArray
End Function
Private MemberGetBinding As BindingFlags = _
BindingFlags.Instance Or _
BindingFlags.Public Or _
BindingFlags.NonPublic Or _
BindingFlags.Static Or _
BindingFlags.GetFIEld Or _
BindingFlags.GetProperty
"COLOR: #0000ff">Or _
BindingFlags.IgnoreCase
Private MemberSetBinding As BindingFlags = _
BindingFlags.Instance Or _
BindingFlags.Public Or _
BindingFlags.NonPublic Or _
BindingFlags.Static Or _
BindingFlags.SetFIEld Or _
BindingFlags.SetProperty Or _
BindingFlags.IgnoreCase
Private MethodBinding As BindingFlags = _
; BindingFlags.Instance Or _
BindingFlags.Public Or _
BindingFlags.NonPublic Or _
BindingFlags.Static Or _
BindingFlags.InvokeMethod Or _
BindingFlags.IgnoreCase
End Class
End Namespace
TypeHelper.vb
Imports System.Reflection
Namespace LzmTW.uSystem.uReflection
Public Class TypeHelper
Private gType As Type
Private gCurrentObjct As Object
Public ReadOnly Property CurrentType() As Type
Get
Return gType
End Get
End Property
Public ReadOnly Property CurrentObject() As Object
Get
Return gCurrentObjct
End
000"> Get
End Property
Sub New(ByVal referrenceObj As Object)
If Me.IsType(referrenceObj) Then
Me.gType = CType(referrenceObj, Type)
Else
Me.gType = referrenceObj.GetType
Me.gCurrentObjct = referrenceObj
End
LOR: #000000"> If
End Sub
Sub New(ByVal assembly As Assembly, ByVal fullTypeName As String)
Me.InternalCreate(assembly, fullTypeName)
Me.InternalCheckIsValid(fullTypeName, True)
End Sub
Sub New(ByVal referrenceType As Type, ByVal typeName> As String, Optional ByVal isNestedType As Boolean = False)
Dim mAssembly As Assembly = referrenceType.Assembly
Me.InternalCreate(mAssembly, typeName)
If Me.InternalCheckIsValid(typeName, False) Then Return
Dim mFullTypeName As Stringpan> = GetFullTypeName(referrenceType, typeName, isNestedType)
Me.InternalCreate(mAssembly, mFullTypeName)
Me.InternalCheckIsValid(mFullTypeName, True)
End Sub
Private Sub InternalCreate(ByVal ass As Assembly, ByVal fulltypename As String)
gType = ass.GetType(fulltypename, False, True)
End Sub
Private OR: #0000ff">Function InternalCheckIsValid(ByVal typename As String, ByVal throwOnError As Boolean) As Boolean
If gType Is Nothing Then
If throwOnError Then
Throw New ArgumentException(String.Format("typeName: {0} 不存在", typename))
span>Else
Return False
End If
End If
Return True
End Function
Private Function GetFullTypeName(ByVal referrenceType As Type, ByVal typeName As String, ByVal isNestedType As Boolean) COLOR: #0000ff">As String
Dim mFullName As String = Nothing
Dim mRefFullName As String = referrenceType.FullName
If isNestedType Then
mFullName = String.Concat(mRefFullName, "+", typeName)
Else
Dim mLastIndex Asan > Integer = mRefFullName.LastIndexOf(referrenceType.Name)
mFullName = String.Concat(mRefFullName.Substring(0, mLastIndex), typeName)
End If
Return mFullName
End Function
Private Function IsType(ByVal instance As Object) As Boolean
Return instance.GetType.IsSubclassOf(GetType(Type))
: #0000ff">End Function
Public Const Binding As BindingFlags = _
BindingFlags.Instance Or _
BindingFlags.Public Or _
BindingFlags.NonPublic Or _
BindingFlags.Static Or _
BindingFlags.CreateInstance Or _
BindingFlags.IgnoreCase
End Class
End Namespace
博客廣告新思路!在你的博客裡放置廣告!
利用你自己的博客就能賺錢!
什麼都不用做就有廣告收入!
我掛廣告了效果如下面所示!免費注冊擁有財富!
注冊地址
http://WWW.BLOGGAO.COM(點我就行)
