-
Notifications
You must be signed in to change notification settings - Fork 5
SafeObject
undergroundwires edited this page Feb 4, 2020
·
8 revisions
SafeObject represents an object that can detect and alert memory injections to itself.
SafeObject is a class that provides locking pattern to access object in a thread safe matter. It uses IInjectionProtector internally that checks if the object is safe (not injected in the memory) on each access to the object. The security mode can be changed dynamically or in the constructor.
Caution : This class should not be used for strings or binaries (byte[]). Use the better classes that's specifically designed for this purposes : SafeString and SafeBytes.
var safeObject = new SafeObject<Customer>( /*leaving default instance empty in constructor to get a new instance*/ );
// You can alternatively use an existing instance to protect: new SafeObject(new InitialSafeObjectSettings(initialValue, true));
// Each change to the object's state or code must be using ApplyChanges
safeObject.ApplyChanges((customer) => customer.Id = 5);
// Retrieve safe data
var customerId = safeObject.Object.Id; // Returns 5 or alerts if any injection is detectedYou can specify the channel that SafeObject will notify you about the detections.
// If the object's Id property becomes 0 by any non-applied change,
// the SafeObject instance will alert a memory injection depending on its protection mode.
safeObject.SetProtectionMode(SafeObjectProtectionMode.StateAndCode); // changes its protection mode to no protection
// You can change the alert channel:
safeObject.AlertChannel = InjectionAlertChannel.DebugWrite; // any detected injections will be alerted using the alert channelYou can even change/disable the protection mode dynamically.
safeObject.SetProtectionMode(SafeObjectProtectionMode.NoProtection); // stops the protection of object,
// SafeObject will never alert when it's not protected.
var willAlert = safeObject.CanAlert; // returns false as the instance will only alert when it's protected.