确定是否引用了类C#
[英]Determining if a class is referenced C#
问题描述
I'm curious if it is possible to determine whether or not an Assembly has referenced a particular class or not. 
我很好奇是否可以确定大会是否引用了某个特定的类。 I'm currently using Reflection to load Assemblies and then I determine what Assemblies are being referenced from within the assembly I am loading: 我目前正在使用Reflection来加载Assemblies,然后我确定正在加载的程序集中引用了哪些程序集:
foreach (var vReferencedAssembly in vSomeAssembly.GetReferencedAssemblies())
Now that I know what Assemblies are referenced, I want to dig into those vReferencedAssembly and determine if something like this occurs: 现在我知道引用了哪些程序集,我想深入研究那些vReferencedAssembly,并确定是否会出现这样的情况:
File.Create(vSomeFile);
In simple english, I don't want to load an Assembly from a list supplied to me that may contain what I consider a threat. 用简单的英语,我不想从提供给我的列表中加载一个可能包含我认为是威胁的程序集。 So I may want to block things that may manipulate files and so forth. 所以我可能想要阻止可能操纵文件的东西等等。
1 个解决方案
解决方案1
2 已采纳 2012-06-19 19:35:14
I believe what you're looking for is to load assemblies into the reflection only context. 我相信你要找的是将程序集加载到仅反射上下文中。 This allows you to load them into a safe area where no code will be executed until after you're inspected them. 这允许您将它们加载到安全区域,在该区域中,在您检查之前不会执行任何代码。
See: http://msdn.microsoft.com/en-us/library/ms172331.aspx 请参阅: http : //msdn.microsoft.com/en-us/library/ms172331.aspx
Update: You may use reflection to look at things like, variables, properties, parameters, return types but that still won't help you detect malicious code that's completely contained inside a method . 更新:您可以使用反射来查看变量,属性,参数,返回类型等内容, 但仍然无法帮助您检测完全包含在方法中的恶意代码 。 It is my understanding that distinguishing between safe and unsafe code is best left to the system administrator. 我的理解是,区分安全和不安全的代码最好留给系统管理员。 These applications have an implicit trust relationship to a secured location(s) on the PC. 这些应用程序与PC上的安全位置具有隐含的信任关系。 IE: the global assembly cache, the current working directory or some fixed path determined by your application. IE:全局程序集缓存,当前工作目录或应用程序确定的某个固定路径。 The PC then only grants administrators the ability to manage the assemblies in this location. 然后,PC只授予管理员管理此位置的程序集的能力。
Update 2: You may also consider running this potentially unsafe code in it's own application domain. 更新2:您还可以考虑在其自己的应用程序域中运行此可能不安全的代码。 Here you can set what is permitted and what isn't. 在这里,您可以设置允许的内容和不允许的内容。 See http://msdn.microsoft.com/en-us/library/bb763046.aspx . 请参阅http://msdn.microsoft.com/en-us/library/bb763046.aspx 。
Update 3: While I still maintain that loading untrusted code in it's own application domain with appropriate permissions is the cleanest approach, it is possible to determine what a method internally references at runtime as was asked by this question . 更新3:虽然我仍然坚持认为在其自己的应用程序域中加载不受信任的代码并具有适当的权限是最干净的方法,但可以确定方法在运行时内部引用的方法与此问题所要求的相同。 The gist of it is to use reflection to obtain the raw IL bytes of the method (MethodBody.GetILAsByteArray) and analyse it with your choice of IL parser. 它的要点是使用反射来获取方法的原始IL字节(MethodBody.GetILAsByteArray)并使用您选择的IL解析器进行分析。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.