Replace binary formatter #8532
src/Microsoft.DotNet.Wpf/src/PresentationCore/System/Windows/dataobject.cs
src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/DataStreams.cs
To be clear,
Then it is my mistake for misunderstanding the “Customer Impact” section of the OP. Sorry to bother you.
While the APIs may never be removed, according to BinaryFormatter infrastructure removed from .NET (.NET 9), "The internal BinaryFormatter implementation will no longer exist in .NET in any form and cannot be reenabled through any compat switch."
The hope is to make you jump through more hoops by putting the actual implementation in another package, but there is no way the API will be removed or there will be no way to re-enable for quite some time. It is fundamental to many existing applications, particularly WinForms. To be clear, one should avoid the
This looks good. You should consider ensuring you have test coverage with and without the BinaryFormatter being enabled. See https://github.com/dotnet/winforms/blob/main/src/Common/tests/TestUtilities/BinaryFormatterScope.cs for how we do this in WinForms.
Add unit test bf
…8/wpf-rchauhan into ReplaceBinaryFormatter
/azp run
Azure Pipelines successfully started running 1 pipeline(s).
/azp run
Azure Pipelines failed to run 1 pipeline(s).
Looks good, you'll want to make sure to manually test that handled types work without the BinaryFormatter.
/azp run
Azure Pipelines successfully started running 1 pipeline(s).
Description
The Binary Formatter was initially developed prior to the comprehensive understanding of deserialization vulnerabilities as a significant threat. As a result, the code doesn’t follow modern practices. Due to the security vulnerability, Binary formatter is considered obsolete. In .NET 9.0, the entire Binary formatter infrastructure will be removed from the product.
Binary Reader and Writer can be used to read and write the primitive data types into binary data and do not have any security vulnerability. We are creating a safe handle ‘BinaryFormatWriter’ which handles all primitives, Enums, strings, arrays and lists of primitives, and other items before falling into the process of serialization/deserialization. For serialization/deserialization we will use Binary writer. This approach will allow us to disable Binary formatter for the primitive and some other cases.
To convert the object to binary data we call TryWriteFrameworkObject with a memory stream and the object.
A BinaryFormattedObject class is added to parse a binary formatted object from a stream. It uses Binary reader to read from a stream.
This solution is similar to the one in WinForms
PR: dotnet/winforms#9088
CC
@JeremyKuhne @lonitra
Customer Impact
In .NET 9.0, the entire Binary formatter infrastructure will be removed from the product, and it will become obsolete.
It has additional benefits of making applications more friendly to linker trimming.
Regression
N/A
Testing
Internal testing done.
Risk
Low
There might be a few instances where this solution won't be effective. Currently, this PR includes all the primitive types and a few more data types. The plan is to handle additional cases as feedback comes in.
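The allowlist-before-fallback approach in the Description, as an added example that is not code from this PR, WPF or WinForms. `SafeCodec`, `Tag` and the one-byte tag layout are hypothetical and constructed for illustration; the PR's own writer is described as `BinaryFormatWriter` with `TryWriteFrameworkObject`, and this sketch does not reproduce its stream format.

```csharp
#nullable enable
using System;
using System.IO;
// Added illustration, not WPF/WinForms code; SafeCodec, Tag and the tag layout are hypothetical.
var ms = new MemoryStream();
Console.WriteLine(SafeCodec.TryWrite(ms, new[] { 1, 2, 3 }));               // allowlisted type
Console.WriteLine(SafeCodec.TryWrite(ms, new Uri("http://example.test/"))); // refused, nothing written
ms.Position = 0;
Console.WriteLine(SafeCodec.TryRead(ms, out object? back) && back is int[] { Length: 3 });
enum Tag : byte { Int32 = 1, String = 2, Int32Array = 3 }
static class SafeCodec
{
    const int MaxArrayLength = 1 << 20; // cap allocations driven by an untrusted length field
    // Returns false for any type outside the allowlist; the caller decides what happens next.
    public static bool TryWrite(Stream stream, object value)
    {
        using var w = new BinaryWriter(stream, System.Text.Encoding.UTF8, leaveOpen: true);
        switch (value)
        {
            case int i: w.Write((byte)Tag.Int32); w.Write(i); return true;
            case string s: w.Write((byte)Tag.String); w.Write(s); return true;
            case int[] a: w.Write((byte)Tag.Int32Array); w.Write(a.Length);
                foreach (int x in a) w.Write(x);
                return true;
            default: return false;
        }
    }
    // Only the types listed here are ever constructed; no type name is read from the stream.
    public static bool TryRead(Stream stream, out object? value)
    {
        value = null;
        using var r = new BinaryReader(stream, System.Text.Encoding.UTF8, leaveOpen: true);
        try
        {
            switch ((Tag)r.ReadByte())
            {
                case Tag.Int32: value = r.ReadInt32(); return true;
                case Tag.String: value = r.ReadString(); return true;
                case Tag.Int32Array:
                    int n = r.ReadInt32();
                    if (n < 0 || n > MaxArrayLength) return false;
                    var arr = new int[n];
                    for (int k = 0; k < n; k++) arr[k] = r.ReadInt32();
                    value = arr; return true;
                default: return false;
            }
        }
        catch (Exception e) when (e is IOException or FormatException) { return false; }
    }
}
```

A `false` return from either method is the point where a caller chooses between rejecting the payload and an explicitly enabled legacy path, which is the case the reviewers ask to test with and without BinaryFormatter.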