Add BinaryFormatter auditing EventSource

dotnet · GrabYourPitchforks · Jul 29, 2020 · Jul 23, 2020 · Jul 29, 2020 · Jul 29, 2020
commit 1ffeffce412ea4939b7a8159b4825225e71d3853
diff --git a/...ystem.Runtime.Serialization.Formatters/src/System.Runtime.Serialization.Formatters.csproj b/...ystem.Runtime.Serialization.Formatters/src/System.Runtime.Serialization.Formatters.csproj
@@ -61,6 +61,7 @@
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryFormatter.cs" />
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryFormatter.Core.cs" Condition="'$(TargetsBrowser)' != 'true'" />
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryFormatter.PlatformNotSupported.cs" Condition="'$(TargetsBrowser)' == 'true'" />
+    <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryFormatterEventSource.cs" />
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryFormatterWriter.cs" />
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryObjectInfo.cs" />
     <Compile Include="System\Runtime\Serialization\Formatters\Binary\BinaryObjectReader.cs" />

diff --git a/...ion.Formatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryFormatter.Core.cs b/...ion.Formatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryFormatter.Core.cs
@@ -39,6 +39,7 @@ public object Deserialize(Stream serializationStream)
             };
             try
             {
+                BinaryFormatterEventSource.Log.DeserializationStarted();
                 var parser = new BinaryParser(serializationStream, reader);
                 return reader.Deserialize(parser);
             }
@@ -50,6 +51,10 @@ public object Deserialize(Stream serializationStream)
             {
                 throw new SerializationException(SR.Serialization_CorruptedStream, e);
             }
+            finally
+            {
+                BinaryFormatterEventSource.Log.DeserializationEnded();
+            }
         }
 
         [Obsolete(Obsoletions.BinaryFormatterMessage, DiagnosticId = Obsoletions.BinaryFormatterDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
@@ -73,10 +78,18 @@ public void Serialize(Stream serializationStream, object graph)
                 _assemblyFormat = _assemblyFormat,
             };
 
-            var sow = new ObjectWriter(_surrogates, _context, formatterEnums, _binder);
-            BinaryFormatterWriter binaryWriter = new BinaryFormatterWriter(serializationStream, sow, _typeFormat);
-            sow.Serialize(graph, binaryWriter);
-            _crossAppDomainArray = sow._crossAppDomainArray;
+            try
+            {
+                BinaryFormatterEventSource.Log.SerializationStarted();
+                var sow = new ObjectWriter(_surrogates, _context, formatterEnums, _binder);
+                BinaryFormatterWriter binaryWriter = new BinaryFormatterWriter(serializationStream, sow, _typeFormat);
+                sow.Serialize(graph, binaryWriter);
+                _crossAppDomainArray = sow._crossAppDomainArray;
+            }
+            finally
+            {
+                BinaryFormatterEventSource.Log.SerializationEnded();
+            }
         }
     }
 }
diff --git a/...rmatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryFormatterEventSource.cs b/...rmatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryFormatterEventSource.cs
@@ -0,0 +1,158 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System.Diagnostics;
+using System.Diagnostics.Tracing;
+using System.Threading;
+
+namespace System.Runtime.Serialization.Formatters.Binary
+{
+    [EventSource(
+        Name = "System.Runtime.Serialization.Formatters.Binary.BinaryFormatterEventSource",
+        LocalizationResources = "FxResources.System.Runtime.Serialization.Formatters.SR")]
+    internal sealed class BinaryFormatterEventSource : EventSource
+    {
+        private const int EventId_SerializationStarted = 10;
+        private const int EventId_SerializationEnded = 11;
+        private const int EventId_SerializingObject = 12;
+        private const int EventId_DeserializationStarted = 20;
+        private const int EventId_DeserializationEnded = 21;
+        private const int EventId_DeserializingObject = 22;
+
+        // Used to keep track of whether a write operation is in progress. It's
+        // possible the listener itself uses BinaryFormatter to write to a log,
+        // and if this is the case we suppress our own logging events so that we
+        // enter an infinite recursion scenario.
+        private static readonly AsyncLocal<bool> _writeInProgress = new AsyncLocal<bool>();
+
+        public static readonly BinaryFormatterEventSource Log = new BinaryFormatterEventSource();
+
+        private BinaryFormatterEventSource()
+        {
+        }
+
+        [Event(EventId_SerializationStarted, Opcode = EventOpcode.Start, Keywords = Keywords.Serialization, Level = EventLevel.Informational)]
+        public void SerializationStarted()
+        {
+            if (IsEnabled(EventLevel.Informational, Keywords.Serialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    WriteEvent(EventId_SerializationStarted);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [Event(EventId_SerializationEnded, Opcode = EventOpcode.Stop, Keywords = Keywords.Serialization, Level = EventLevel.Informational)]
+        public void SerializationEnded()
+        {
+            if (IsEnabled(EventLevel.Informational, Keywords.Serialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    WriteEvent(EventId_SerializationEnded);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [NonEvent]
+        public void SerializingObject(Type type)
+        {
+            Debug.Assert(type != null);
+
+            if (IsEnabled(EventLevel.Informational, Keywords.Serialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    SerializingObject(type.AssemblyQualifiedName);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [Event(EventId_SerializingObject, Keywords = Keywords.Serialization, Level = EventLevel.Informational)]
+        private void SerializingObject(string? typeName)
+        {
+            WriteEvent(EventId_SerializingObject, typeName);
+        }
+
+        [Event(EventId_DeserializationStarted, Opcode = EventOpcode.Start, Keywords = Keywords.Deserialization, Level = EventLevel.Informational)]
+        public void DeserializationStarted()
+        {
+            if (IsEnabled(EventLevel.Informational, Keywords.Deserialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    WriteEvent(EventId_DeserializationStarted);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [Event(EventId_DeserializationEnded, Opcode = EventOpcode.Stop, Keywords = Keywords.Deserialization, Level = EventLevel.Informational)]
+        public void DeserializationEnded()
+        {
+            if (IsEnabled(EventLevel.Informational, Keywords.Deserialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    WriteEvent(EventId_DeserializationEnded);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [NonEvent]
+        public void DeserializingObject(Type type)
+        {
+            Debug.Assert(type != null);
+
+            if (IsEnabled(EventLevel.Informational, Keywords.Deserialization) && !_writeInProgress.Value)
+            {
+                try
+                {
+                    _writeInProgress.Value = true;
+                    DeserializingObject(type.AssemblyQualifiedName);
+                }
+                finally
+                {
+                    _writeInProgress.Value = false;
+                }
+            }
+        }
+
+        [Event(EventId_DeserializingObject, Keywords = Keywords.Deserialization, Level = EventLevel.Informational)]
+        private void DeserializingObject(string? typeName)
+        {
+            WriteEvent(EventId_DeserializingObject, typeName);
+        }
+
+        public class Keywords
+        {
+            public const EventKeywords Serialization = (EventKeywords)1;
+            public const EventKeywords Deserialization = (EventKeywords)2;
+        }
+    }
+}
diff --git a/...ization.Formatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryObjectInfo.cs b/...ization.Formatters/src/System/Runtime/Serialization/Formatters/Binary/BinaryObjectInfo.cs
@@ -268,8 +268,11 @@ private void InitMemberInfo()
 
         internal string GetAssemblyString() => _binderAssemblyString ?? _cache._assemblyString;
 
-        private void InvokeSerializationBinder(SerializationBinder? binder) =>
+        private void InvokeSerializationBinder(SerializationBinder? binder)
+        {
+            BinaryFormatterEventSource.Log.SerializingObject(_objectType!);
             binder?.BindToName(_objectType!, out _binderAssemblyString, out _binderTypeName);
+        }
 
         internal void GetMemberInfo(out string[]? outMemberNames, out Type[]? outMemberTypes, out object?[]? outMemberData)
         {
@@ -392,6 +395,8 @@ internal void Init(Type? objectType, string[] memberNames, Type[]? memberTypes,
 
         private void InitReadConstructor(Type objectType, ISurrogateSelector? surrogateSelector, StreamingContext context)
         {
+            BinaryFormatterEventSource.Log.DeserializingObject(objectType);
+
             if (objectType.IsArray)
             {
                 InitNoMembers();