nunit-core team mailing list archive

[Launchpad Bug Tracker <1086975@xxxxxxxxxxxxxxxxxx>]

You have been subscribed to a public bug:

>From the mailing list, reported by Andy Sipe:

We recently upgraded to 2.6.2 from 2.6.1 and now a few of our top level
integration tests are experiencing remoting security exceptions.

In particular we are having this exception thrown when attempting a
request:

System.Runtime.Serialization.SerializationException : Because of
security restrictions, the type System.Runtime.Remoting.ObjRef cannot be
accessed.

2.6.1 no problem, 2.6.2 this exception -- no other chnages in the
source.

Note that this is occurring in our tests not in the nunit framework
directly.

I've included a full stack trace at the end of this message.  I'm not
sure its going to help a whole lot as it occurs in our test code not in
the nunit code.  Note that in every case the exception is raised when
the response is deserialized and that the actual request works as
expected (server gets hit and executes).   To me it looks like there is
some new security restriction being applied at a somewhat high level
that is overriding the defaults.

I was able to work around the issue by setting the type filter and some
other security settings in the code that configures the security
surrounding remoting.   Fortunately we handle all of this outside of
configuration files or I'm unsure it would have worked as changing
configuration files seemed to have no impact.    Once I set the type
filter to full everything worked as expected again.

For our purposes this will likely work as we don't use remoting
extensively.   That said there is like some change in 2.6.2 that may
cause others problems as well.

Thanks -andy


at System.Runtime.Serialization.FormatterServices.GetSafeUninitializedObject(Type type)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Parse(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryHeaderEnum binaryHeaderEnum)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)

Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
... snip application level frames ....

** Affects: nunitv2
     Importance: Undecided
     Assignee: Simone Busoli (simone.busoli)
         Status: Confirmed

-- 
Security Exception After Upgrading to 2.6.2
https://bugs.launchpad.net/bugs/1086975
You received this bug notification because you are a member of NUnit Developers, which is subscribed to NUnit V2.