Geek Answers Handbook

Can .NET assemblies be protected against accidental corruption without reliable names?

Suppose I am assembling a .NET assembly and not signing it with a strong name, then it is copied to some storage, and then to another, and then ends in production. If a bit or two of the contents of an assembly accidentally changes (some hardware problems or something like that), is it likely that the .NET runtime has not noticed it and still believes that the assembly image is valid?

+7
c # clr assemblies
source share
3 answers

Write this program:

using System; namespace ConsoleApplication13 { class Program { static void Main(string[] args) { Console.WriteLine("Hello world!"); } } }

compile it, run it ...

Now open it in Notepad ++, select Find, select Extended research type, find H\0 ... Find H NUL e NUL l ... and replace H with X ... Save and restart ...

 Xello world!

Note that strong named assemblies are not checked normally ... Try adding a strong name ... compile ... run

 sn -v yourprogram.exe

and make sure it’s right ...

now change it ... restart

 sn -v yourprogram.exe

and make sure the check is not completed ...

Now try to run it ... It works correctly!

From MSDN

Starting with the .NET Framework version 3.5 Service Pack 1 (SP1), signatures with a strong name are not verified when the assembly is loaded into the AppDomain object with full trust, such as the default AppDomain domain for the MyComputer zone.

+6
source share

Yes, there is a chance.

Let me put the question on my head.

Can I arbitrarily change any one bit in the assembly and still execute / use it?

No, many bits and bytes are read during loading and execution, and most of them matter.

If the text or numbers, mainly data, change, the probability goes down, although not completely to zero, depending on the exact data that has changed.

So the answer to your question is this:

  • The node may load and execute, although possibly with incorrect / odd results
  • Assembly may not load

However, there are no guarantees.

+1
source share

Not sure what you mean by .NET startup, won't you notice? .net runtime will not run a dll check if it is not strictly signed. It will try to load the DLL. If the change distorts the dll, then loading the dll will fail.

0
source share

More articles:


All Articles