Being Careful About What Code Gets Executed

Beyond simply protecting data your application uses, there are some special cases where you may end up executing code that you didn't intend to execute. Those special cases include the following:

  • LinkDemands and inheritance

  • Virtual, internal methods

  • Delegates and stack walks

  • Loading assemblies on behalf of other code

  • Exceptions and filters

  • Race conditions

LinkDemands and Inheritance

It is of the utmost importance to remember that LinkDemands trigger when a method is JITted, not while a method is actually executing. Thus, applying LinkDemands to interfaces, classes, and virtual methods has a big caveat. If there is an inheritance hierarchy where LinkDemands are not applied uniformly for a given method, malicious ...

Get .NET Framework Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.