Export (0) Print
Expand All

DLLFunction.call Method


public anytype call( ...)

Called

If an attacker can control input to the call method, a security risk exists. Therefore, this method runs under Code Access Security. Calls to this method on the server require permission from the InteropPermission Class. Ensure that the user has development privileges by setting the security key to SysDevelopment on the control that calls this method.

The following example uses DLL and DLLFunction to interoperate with the GetVersion API in Kernel32.dll. It asserts the use of InteropPermission to provide code access protection, and then it loads the DLL. If this is successful, the return type is set from the call to DLLFunction.

NoteNote

For more information about the BP deviation documented comment, see Best Practices Errors for Dangerous APIs.


{
    Dll               dll;
    DllFunction       dllFunc;
    anytype           retVal;
    InteropPermission perm;
    ;
 
    perm = new InteropPermission(InteropKind::DllInterop);
 
    // Grants permission to execute the DLL.new method.
    // DLL.new is protected by code access security.
    perm.assert();
 
    // BP deviation documented.
    dll = new Dll("Kernel32.dll");
    // Closes the code access permission scope.
    CodeAccessPermission::revertAssert();
 
    if (dll != null)
    {
        // Grants permission to execute the DLLFunction.new method.
        // DLLFunction.new is protected by code access security.
        perm = new InteropPermission(InteropKind::DllInterop);
        perm.assert();
 
        dllFunc = new DllFunction(dll, "GetVersion");
        if (dllFunc != null)
         {
            dllFunc.returns(ExtTypes::DWord);
             retVal = dllFunc.call();
         }
       // Closes the code access permission scope.
       CodeAccessPermission::revertAssert();
    }
}

Community Additions

ADD
Show:
© 2014 Microsoft