Emailid
Password
         
  
    Forgot password

New user Sign Up
 

C# and insecure programming
       Current Rating:  0%                                                     Total Members Rated:  0
                                                                     Send To Friend 

   
C# and insecure programming
 
Beginning
 
Whenever we talk about C#, many are of the opinion that C# carries no concept of pointers. Unsafe code is that part of C# programming, which is all about programming with pointers. There is nothing unsafe about programming with pointers because unlike the conventional .NET development that is done, unsafe programming requires certain assumptions on the part of the programmer. His article distinguishes two highly confused terms, unsafe code and unmanaged code etc.  And it is done in a broad way. 
 
 
Managed code
 
It is the code which carries out under the supervision of the CLR. The CLR is responsible for various housekeeping tasks like: Performing type verification, Doing garbage collection and managing memory for the objects. 
 
 
Unmanaged code
 
It is the code which executes outside the context of the CLR. A typical C++ program which allocates memory to a character pointer is an example of unmanaged code. This shows that a programmer is responsible for calling the memory allocation function, making sure that the casting is done right, making sure that the memory is released when the work is done. 
 
 
Insecure code
 
Insecure code carries out under the supervision of the CLR, just like the managed code, but lets you address the memory directly, through the use of pointers, as is done in unmanaged code. Unsafe code comes as a rescuer when you write a .NET application that uses the functionality in a legacy Win32 DLL, whose exported functions require the use of pointers. Insecure code is a bridge between the managed and unmanaged codes.
 
 
Writing unsafe code
 
It needs the help of two special keywords: unsafe and fixed. Also there are three kinds of pointer operators:i. *,ii. & and iii. -> 
 
The above functions have three kinds of value. But notice that the address of the variable, containing the value to be tripled, is passed to the function. The function then does its work. Since the function is using the "*" pointer operator, the function is marked as unsafe, since the memory is being directly manipulated. 
 
Any block of code, or a function that uses any of the above pointer operators is marked as unsafe through the use of the unsafe keyword:
 
public unsafe void Triple(int *pInt)
{
  *pInt=(*pInt)*3;
}
 
 
When you remember from the discussion above, unsafe code is managed code, and hence, is being executed under the CLR's supervision. Now, the CLR is free to move the objects in memory. One plausible reason could be to reduce the memory fragmentation. But in doing so, unknowingly and transparently to the programmer, the variable being pointed to could be get relocated to some other memory locations.
 
 
Therefore, if *pInt pointed to a variable which was at address 1001, and the CLR performs some memory relocation to reduce fragmentation, the variable which was earlier located at 1001 could, after relocation, be stored at memory location 2003. Probably that's one of the reason usage of pointers has been made to keep a low profile in .NET. This is a catastrophe, since the pointer becomes invalid as there is nothing at memory location 1001 after relocation.
 
 
Pointers' setting up
 
When we use fixed keyword for a block of statements, it tells the CLR that the object in question cannot be relocated, and thus, it ends up pinning the object. Thus, when pointers are used in C#, the fixed keyword is used pretty often to prevent invalid pointers at runtime. See the below:
 
using System;
class CData
{
    public int x;
}
 
class CProgram
{
    unsafe static void SetVal(int *pInt)
    {
        *pInt=1987;
    }
    
    public unsafe static void Main()
    {
        CData d = new CData();
        
        Console.WriteLine("Previous value: {0}", d.x);
        
        fixed(int *p=&d.x)
        {
            SetVal(p);
        }
        
        Console.WriteLine("New value: {0}", d.x);
    }
}
 
 
Here we see the address of field x of class CData to integer pointer p, within the fixed block. Now, while statements within the fixed block are executing, the pointer shall continue to point to the same memory location because the CLR has been instructed to pin the variable until the fixed block execution finishes. Once the fixed block is done, the object can be relocated in memory by the CLR. Just make sure that the block is unsafe and that the object being pointed to is fixed. Thus we can use pointers in C#.
 
All the best!
                           Rate This Article:   
Author is Offline
  Author: Pamela Teipel
       


Comments Posted
Label
Subject Author Status Date

 

Post Comment
Related Articles
Make your web site ‘perfect and Search Engine Friendly for Google and Yahoo
On making your content neat and tidy
Web site templates and its uses
Web Traffic and Higher Page Rank
How to increase visitors and traffic in your site



Home | About Us | Site Map | Privacy Policy | Submit Links