
.NET Day 2019 - Abusing the C# compiler by Filip Wojcieszyn




May 28, 2019


  1. Abusing the C# Compiler for fun and no profit
  2. Filip W: a random guy from the internet

    • strathweb.com • @filip_woj • github.com/filipw
  3. None
  4. What will we learn?

  5. Nothing.

  6. We will however see, that it doesn't take a lot to violate the rules of C#.
  7. C# Compiler

  8. None
  9. “ Compiler is the guardian of the integrity of the

  10. C# 6 Draft Spec Reading

  11. High level C# building blocks

    • C# Language Specification: ECMA Standard, ~500 pages
    • Roslyn Compiler: compiles C# code to Common Intermediate Language
    • Tooling: powered by the C# Compiler
    • CLR / CoreCLR: compiles CIL to machine code
  12. Can you trust the compiler?

  13. “Customers will depend on the new compiler behaving exactly the same way as the old one. Writing a new compiler for C# means trying to match the old compiler bug-for-bug.” - Mads Torgersen, C# Lead Designer
  14. Invalid C#, compiler error

        static class Foo {}

        class Bar
        {
            // error CS0722: 'Foo': static types cannot be used as return types
            Foo GetFoo() => null;
        }
  15. Invalid C#, no compiler error

        static class Foo {}

        interface IBar
        {
            // compiles fine
            Foo GetFoo();
        }
  16. Can the compiler produce a program that won't work? Yes

  17. Let's assume that the code is 100% error free. Still

  18. Language Spec Compiler Runtime

  19. Can the runtime allow you to violate the C# language specification? Yes
  20. Language Spec Compiler Runtime

  21. “A common technique (...) is to have the compiler “lower” from high-level language features to low-level language features in the same language.” - Eric Lippert
  22. C# using block

        using (new C())
        {
            // do stuff
        }
  23. Emitted IL

        IL_0000: nop
        IL_0001: newobj instance void C::.ctor()
        IL_0006: stloc.0
        .try
        {
            IL_0007: nop
            IL_0008: nop
            IL_0009: leave.s IL_0016
        } // end .try
        finally
        {
            // sequence point: hidden
            IL_000b: ldloc.0
            IL_000c: brfalse.s IL_0015
            IL_000e: ldloc.0
            IL_000f: callvirt instance void [mscorlib]System.IDisposable::Dispose()
            IL_0014: nop
            // sequence point: hidden
            IL_0015: endfinally
        } // end handler
  24. “This method terminates a process without running any active try/finally blocks or finalizers.” - Environment.FailFast(...)
  25. So far we have managed to

    ✅ Create an instance without calling a constructor
    ✅ Bypass a 'finally' clause
    ✅ Create an instance of an open generic
  26. Can the compiler produce code that doesn’t behave as expected?

  27. Language Spec Compiler Runtime

  28. How badly can you abuse the language and the compiler? Very badly
  29. Language Spec Compiler Runtime

  30. Thank you. See you next year!

    filipw.github.io/dotnetday-zurich-2019
    github.com/filipw/2019-switzerland- netday-demos
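
Slides 22 to 24 in one runnable program, as an added example that is not from the talk or its demo repository: a `using` block whose `Dispose()` runs when an exception unwinds it but not when `Environment.FailFast` ends the process, so the marker file survives only in the FailFast run. The `Marker` class, the two mode names and the temp-file name are hypothetical; it assumes .NET 6 or later and that the program is started through its built executable (for example with `dotnet run`), because it relaunches itself as a child process.

```csharp
using System;
using System.Diagnostics;
using System.IO;

// Hypothetical resource: Dispose() deletes a marker file, standing in for
// cleanup such as releasing a lock or removing a temporary secret.
sealed class Marker : IDisposable
{
    private readonly string _path;
    public Marker(string path) { _path = path; File.WriteAllText(path, "held"); }
    public void Dispose() => File.Delete(_path);
}

static class Program
{
    static int Main(string[] args)
    {
        if (args.Length == 2) return Child(args[0], args[1]);

        // Parent: relaunch this executable once per mode, then check the marker.
        var self = Environment.ProcessPath ?? throw new InvalidOperationException("no process path");
        foreach (var mode in new[] { "throw", "failfast" })
        {
            var path = Path.Combine(Path.GetTempPath(), $"using-demo-{Guid.NewGuid():N}.tmp");
            var psi = new ProcessStartInfo(self) { UseShellExecute = false, RedirectStandardError = true };
            psi.ArgumentList.Add(mode);
            psi.ArgumentList.Add(path);
            using var child = Process.Start(psi) ?? throw new InvalidOperationException("start failed");
            child.StandardError.ReadToEnd();   // drain the FailFast crash report
            child.WaitForExit();
            Console.WriteLine($"{mode,-8} exit={child.ExitCode} Dispose ran: {!File.Exists(path)}");
            File.Delete(path);                 // tidy up what the child left behind
        }
        return 0;
    }

    static int Child(string mode, string path)
    {
        try
        {
            // Lowered by the compiler to: try { ... } finally { Dispose(); }
            using (new Marker(path))
            {
                if (mode == "failfast") Environment.FailFast("constructed demo failure");
                throw new InvalidOperationException("constructed demo failure");
            }
        }
        catch (InvalidOperationException) { return 1; }
    }
}
```

Cleanup that has to hold after an abrupt exit (lock files, temporary secrets on disk) needs a check at the next startup as well, since `Dispose()` is only as reliable as the `finally` block the compiler generates for it.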