如何动态加载包含非托管代码的原始程序集?(绕过“无法验证的代码失败的策略检查”异常)

时间:2022-06-01 19:50:07

I'm going to give an example of using System.Data.SQLite.DLL which is a mixed assembly with unmanaged code: If I execute this :

我将举一个使用System.Data.SQLite.DLL的例子,它是一个带有非托管代码的混合程序集:如果我执行这个:

  var assembly= Assembly.LoadFrom("System.Data.SQLite.DLL")

No exceptions are thrown, but if I do this :

没有异常被抛出,但如果我这样做:

  var rawAssembly = File.ReadAllBytes("System.Data.SQLite.DLL");
  var assembly = Assembly.Load(rawAssembly);

The CLR throws a FileLoadException with "Unverifiable code failed policy check. (Exception from HRESULT: 0x80131402)". Let's say I'm trying to load this assembly on a child AppDomain, how can I customize the AppDomain's security to allow me pass the policy check?

CLR抛出FileLoadException,“无法验证的代码失败策略检查。(HRESULT异常:0x80131402)”。假设我正在尝试在子AppDomain上加载此程序集,如何自定义AppDomain的安全性以允许我通过策略检查?

2 个解决方案

#1


14  

We are the victim of a crummy exception message. Loading assemblies with Assembly.Load(byte[]) that contain unmanaged code is not supported. This is the subject of this feedback item.

我们是一个糟糕的异常消息的受害者。不支持使用包含非托管代码的Assembly.Load(byte [])加载程序集。这是此反馈项的主题。

UPDATE: the linked feedback item is gone, deleted as part of the cleanup at VS2012 release time. The only part of it could still recover is this fragment, copied from another web page:

更新:链接的反馈项目已消失,作为VS2012发布时清理的一部分被删除。它的唯一部分仍然可以恢复是从另一个网页复制的这个片段:

“[…] we only allow ILOnly images to be loaded […] since anything else is not safe”--

“[...]我们只允许加载ILOnly图像[...],因为其他任何东西都不安全” -

UPDATE: link fixed with archive.org backup copy.

更新:使用archive.org备份副本修复链接。

#2


11  

The problem is that the CLR does not perform the normal DLL loading steps - like mapping the dlls separate sections into different pages, adjusting fixups, etc. When an assembly is loaded from raw bytes, those raw bytes are mapped into memory as is, and only managed meta-data is read. No amount of evidence or security settings will change this behavior.

问题是CLR不执行正常的DLL加载步骤 - 比如将dll分隔成不同的页面,调整fixup等。当从原始字节加载程序集时,这些原始字节按原样映射到内存中,并且只读取托管的元数据。没有任何证据或安全设置会改变此行为。

#1


14  

We are the victim of a crummy exception message. Loading assemblies with Assembly.Load(byte[]) that contain unmanaged code is not supported. This is the subject of this feedback item.

我们是一个糟糕的异常消息的受害者。不支持使用包含非托管代码的Assembly.Load(byte [])加载程序集。这是此反馈项的主题。

UPDATE: the linked feedback item is gone, deleted as part of the cleanup at VS2012 release time. The only part of it could still recover is this fragment, copied from another web page:

更新:链接的反馈项目已消失,作为VS2012发布时清理的一部分被删除。它的唯一部分仍然可以恢复是从另一个网页复制的这个片段:

“[…] we only allow ILOnly images to be loaded […] since anything else is not safe”--

“[...]我们只允许加载ILOnly图像[...],因为其他任何东西都不安全” -

UPDATE: link fixed with archive.org backup copy.

更新:使用archive.org备份副本修复链接。

#2


11  

The problem is that the CLR does not perform the normal DLL loading steps - like mapping the dlls separate sections into different pages, adjusting fixups, etc. When an assembly is loaded from raw bytes, those raw bytes are mapped into memory as is, and only managed meta-data is read. No amount of evidence or security settings will change this behavior.

问题是CLR不执行正常的DLL加载步骤 - 比如将dll分隔成不同的页面,调整fixup等。当从原始字节加载程序集时,这些原始字节按原样映射到内存中,并且只读取托管的元数据。没有任何证据或安全设置会改变此行为。