Home Dashboard Directory Help
Search

Security transparent code cannot leverage Async Targeting Pack by Kent Boogaart


Status: 

Active


3
0
Sign in
to vote
Type: Bug
ID: 777864
Opened: 1/30/2013 3:25:09 AM
Access Restriction: Public
0
Workaround(s)
view
1
User(s) can reproduce this bug

Description

A .NET 4 library that makes use of the Async Targeting Pack (ATP) and also marks itself as security transparent will fail to execute. The CLR throws an exception along the lines of:

System.TypeLoadException was unhandled
Message=Inheritance security rules violated while overriding member: 'ATPTest.Program+<DoWork>d__0.MoveNext()'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.
<snip>

Running code analysis against the library results in warnings such as:

CA2140    Transparent code must not reference security critical items    Transparent method 'Class.DoSomethingAsync()' references security critical method 'AsyncTaskMethodBuilder<int>.Start<Class.<DoSomethingAsync>d__0>(ref Class.<DoSomethingAsync>d__0)'. In order for this reference to be allowed under the security transparency rules, either 'Class.DoSomethingAsync()' must become security critical or safe-critical, or 'AsyncTaskMethodBuilder<int>.Start<Class.<DoSomethingAsync>d__0>(ref Class.<DoSomethingAsync>d__0)' become security safe-critical or transparent.

This problem also applies transitively to any application referencing the library. That is, if the library does NOT have SecurityTransparent applied but a host application references the library and itself has SecurityTransparent, the same problem occurs.
Details
Sign in to post a comment.
Posted by Microsoft on 2/7/2013 at 2:56 PM
Hi Kent,

Thank you for your feedback. Unfortunately, the C# and VB compilers are not transparency aware, so auto-generated code for things such as lambdas, iterators and async state machines can wind up with transparency annotations that cause the program to fail to run. This is what's happening in your case.

This is a request that we're aware of, and it is currently something being tracked on our backlog of items along with other feature requests. However, due to the relative usage level of transaprent code the feature tends to be prioritized lower and thus it hasn't yet made a release.

Generally, the workaround for this sort of issue is to use async methods in a fully transparent type, which means that the generated code is also fully transparent and avoids the type load exception. If your async method needs to perform critical operations, it can call out to safe critical helper methods to achieve those.

We'll continue to consider this request in the future, thank you for your feedback.

-Shawn Farkas [MS]
Posted by Microsoft on 1/30/2013 at 9:04 PM
Thanks for your feedback.

We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow-up with your issue.
Posted by Microsoft on 1/30/2013 at 3:50 AM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)
Sign in to post a workaround.
File Name Submitted By Submitted On File Size  
ATPRepro.zip 1/30/2013 5 KB