Reputation: 85
Safe and unsafe win32 methods
msdn says P/Invoke methods that can be safely exposed to any application and that do not have any side effects should be put in a class that is named SafeNativeMethods.
and P/Invoke methods that cannot be safely called and that could cause side effects should be put in a class that is named UnsafeNativeMethods.
i think this reffers to windows api. but how can i find out if a method is considered safe or unsafe?
is there such a tool or online reference to know that? where is written that rule that makes a windows api method safe or usnafe?
Upvotes: 0
Views: 534
Answers (1)
Reputation:
i think this reffers to windows api.
Not exclusively. It refers to any native code you provide access to through DllImport.
but how can i find out if a method is considered safe or unsafe?
You know what your function does. Otherwise you wouldn't be making it available. Then consider whether a malicious user, having only access to managed and safe native code, would be able to mess up the program (or worse) if also given access to the function you're looking at.
Pretty much any function taking pointers that you actually expose as pointers will be unsafe, but the reverse is not true, functions that don't involve pointers can still be unsafe too.
Note that if you are not dealing with any untrusted code, you can just put everything in a NativeMethods class and not worry about safe or unsafe.
Upvotes: 1
Related Questions
- SafeHandle in C#
- C# Security Risks
- MSDN SafeHandle example
- C# -> C++/CLI -> native method - need SafeProcessHandle?
- Win32 API Method
- C# is probably not the best choice for a security application?
- Can Win32 API be dangerous to my computer?
- How to compile Unsafe code in C#
- Dangers of Windows API and Administrator accounts?
- Accessing Microsoft.Win32.UnsafeNativeMethods?