# Monday, 18 April 2005
« Saxon.NET RC1 | Main | IKVM 0.14 rc1 »
Whidbey Beta 2

I downloaded Whidbey Beta 2 from MSDN (subscription required) and installed it on my AMD64 machine (recently repaved with WinXP x64 RTM). Installation went very smooth and IKVM builds and runs its test suite (without requiring the workaround that the Februari CTP needed).

My Very Own Breaking Change

A long time ago I wrote about problems with the C# destructor and used System.WeakReference as example. Recently I discovered a related, but more serious problem with System.WeakReference and reported it to Microsoft.

Here is some evil code:

using System;
class Class1 : WeakReference
{
    Class1(object obj)
      : base(obj)
    {
    }
    
    static void Main(string[] args)
    {
        Class1 r = new Class1("foo");
        Console.WriteLine(r.Target);
        Class1 clone = (Class1)r.MemberwiseClone();
        GC.Collect();
        GC.WaitForPendingFinalizers();
        new Class1("bar");
        Console.WriteLine(clone.Target);
    }
}

The last statement prints out bar. Notice that we aren't supposed to have a reference to bar. This is a variation of a handle recycle attack.

In Beta 2 this problem was "fixed" by adding an unmanaged code inheritance demand to System.WeakReference, so untrusted code will not be able to subclass WeakReference (which is needed to get access to MemberwiseClone). This is a (minor) breaking change, but obviously the right thing to do.

Monday, 18 April 2005 21:04:12 (W. Europe Daylight Time, UTC+02:00)  #    Comments [1]
Sunday, 11 January 2009 20:07:38 (W. Europe Standard Time, UTC+01:00)
The "fix" (adding an unmanaged code inheritance demand for class WeakReferece) is to broad I think. Why not add unmanaged code demand on MemberwiseClone() only?

class WeakReference
{
[SecurityPermission(SecurityAction.Demand, Flags = SecurityPermissionFlag.UnmanagedCode)]
public new object MemberwiseClone()
{
return base.MemberwiseClone();
}
}
Gunnar Dalsnes
Name
E-mail
Home page

I apologize for the lameness of this, but the comment spam was driving me nuts. In order to be able to post a comment, you need to answer a simple question. Hopefully this question is easy enough not to annoy serious commenters, but hard enough to keep the spammers away.

Anti-Spam Question: What method on java.lang.System returns an object's original hashcode (i.e. the one that would be returned by java.lang.Object.hashCode() if it wasn't overridden)? (case is significant)

Answer:  
Comment (HTML not allowed)  

Live Comment Preview