中等信任下ODP.net的访问违规

本文关键字:访问 net ODP 信任 | 更新日期: 2023-09-27 18:21:59

环境:

Windows Server 2008 R2
IIS 7.5
.NET 4.0, Integrated Application Pool
Oracle Client 11.2.0.2.0
ODP.net 11.2.0.2.3

我有一个网站,它使用ODP.net连接到我们的Oracle数据库,在"完全信任"下,该应用程序可以完美地工作。但是,当我将应用程序更改为使用"中等信任"时,我开始从应用程序中获得不一致的NullReferenceException。大多数时候,代码都是有效的,但大约每10个请求,我就会收到NullReferenceException。在查看事件日志时,我发现NullRefernceException通常对应于w3wp.exe崩溃。

Faulting application name: w3wp.exe, version: 7.5.7601.17514, time stamp: 0x4ce7afa2
Faulting module name: OraOps11w.dll, version: 2.112.2.0, time stamp: 0x4cea1904
Exception code: 0xc0000005
Fault offset: 0x0000000000024d56
Faulting process id: 0x3ba4
Faulting application start time: 0x01ccdf556d68384a
Faulting application path: c:'windows'system32'inetsrv'w3wp.exe
Faulting module path: C:'Oracle64'product'11.2.0'client'bin'OraOps11w.dll1

显然问题出在ODP.NET上,但为什么它会在"Medium Trust"中崩溃w3wp.exe。因此,为了确保我的代码中没有做错什么,我编写了最简单的ASP.NET web应用程序:

protected void Page_Load(object sender, EventArgs e) {
    using(OracleConnection conn = new OracleConnection(GetMyConnectionString())){
        using (OracleCommand cmd = new OracleCommand("select localtimestamp from dual", conn)) {
            conn.Open();
            this.aLiteral.Text = ((DateTime)cmd.ExecuteScalar()).ToLongDateString();
        }            
    }
}

在"完全信任"下,该应用程序运行良好。在"中等信任"下,该应用程序似乎运行良好,但当我将IIS调试诊断工具连接到该应用程序的应用程序池时,该应用会抛出数千个以下错误:

[1/30/2012 12:50:25 PM] First chance exception - 0xe0434352 caused by thread with  System ID: 14832
[1/30/2012 12:50:25 PM] Stack Trace
RetAddr           : Args to Child                                                           : Call Site
000007fe`f9990845 : 00000000`04af0ed0 00000000`00000001 00000000`00000000 00000001`bfe3a0b8 : KERNELBASE!RaiseException+0x3d
000007fe`f9993226 : 00000001`bfe3a0b8 00000000`00000000 00000001`bfe3a0b8 00000001`bfe3a0b8 : clr!PreBindAssemblyEx+0x61681
000007fe`f7a61233 : 00000000`00000000 00000000`00000000 00000001`bfdca3b0 00000000`00000000 : clr!PreBindAssemblyEx+0x64062
000007fe`f7a61515 : 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`00000000 : mscorlib_ni+0x9f1233
000007fe`f7b0f6e2 : 00000001`bfdca3b0 00000000`00000000 00000000`ffd5c9b8 00000000`ffd5c9b8 : mscorlib_ni+0x9f1515
000007fe`f9859714 : 00000001`3fb39a28 00000000`00000000 00000000`00000000 00000000`ffd5c9b8 : mscorlib_ni+0xa9f6e2
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f985bb74 : 00000000`0fb2d450 00000000`00000008 000007fe`f7a602e0 00000000`00000000 : clr!LogHelp_LogAssert+0x25b19
000007fe`f985c39c : 00000000`00000000 00000000`00000000 00001f80`0010000b 0053002b`002b0033 : clr!LogHelp_LogAssert+0x27e64
000007fe`f9da3ea1 : 00000000`00000000 00000000`0fb2d700 00000000`04af0ed0 00000000`0257ffc0 : clr!LogHelp_LogAssert+0x2868c
000007fe`f9da42e5 : 00000000`00000000 00000000`0fb2e600 00000000`04af0ed0 00000001`3fb39a28 : clr!GetAssemblyIdentityFromFile+0x2aa81
000007fe`f9da454d : 00000000`04af0ed0 00000000`00000000 00000001`3fb39a28 00000000`04af0ed0 : clr!GetAssemblyIdentityFromFile+0x2aec5
000007fe`f9da4aac : 00000000`ffd5c9b8 00000000`00000000 00000000`04af0ed0 00000000`0fb2d630 : clr!GetAssemblyIdentityFromFile+0x2b12d
000007fe`f9da4b9c : 00000000`0fb2d898 00000000`00000001 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b68c
000007fe`f9c32ecc : 00000000`00000081 00000000`00000000 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b77c
000007fe`f9e97004 : 000007ff`002653f8 00000000`0fb2dda0 000007fe`f6554288 00000000`ffd5c9b8 : clr!CreateAssemblyConfigCookie+0x9f93c
000007fe`f9ea54e8 : 000007fe`f6554288 00000000`00010400 00000000`00010400 00000000`00000000 : clr!TranslateSecurityAttributes+0x39bb4
000007fe`f9854b72 : 00000000`04af0ed0 000007fe`f9908c66 000007fe`00000000 00000000`00000000 : clr!TranslateSecurityAttributes+0x48098
000007fe`f67af41f : 000007ff`001b8140 000007fe`f6554288 00000001`bfdc3360 00000000`0fb2dc08 : clr!LogHelp_LogAssert+0x20e62
000007fe`f67a38e6 : 00000000`00000000 00000000`00000000 00000000`0fb2dd00 000007fe`f9861052 : System_ni+0x2bf41f
000007ff`001a5c34 : 000007ff`001b8140 00000000`00000000 00000000`00000000 000007fe`f99de765 : System_ni+0x2b38e6
000007ff`001a5a12 : 00000001`00000000 000007ff`001b8140 000007ff`001b8140 00000000`0fb2dda0 : 0x7ff`001a5c34
000007ff`00187109 : 000007ff`00187104 00000000`00000046 00000000`0fb24000 00000000`04af0ed0 : 0x7ff`001a5a12
000007fe`f73f30c8 : 00000001`3fb398f8 00000001`3fb39990 00000000`00000000 00000000`00000000 : 0x7ff`00187109
000007fe`f9859714 : 00000000`ffd991a0 00000001`bfdc30d0 00000000`00000000 00000000`00000000 : mscorlib_ni+0x3830c8
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e038 00000000`00000002 00000000`0fb2e050 00000000`0fb2e248 : clr!LogHelp_LogAssert+0x25b19
000007fe`f998878a : 00000001`3fb39cd8 00000000`00000000 00000000`0fb2e4b8 00000000`0fb2e2f0 : clr!LogHelp_LogAssert+0x25b95
000007fe`f99885b1 : 00000001`3fb39cd8 00000000`025800c8 00000000`04af0ed0 00000000`025800c8 : clr!PreBindAssemblyEx+0x595c6
000007fe`f73e17b1 : 00000001`3fb39990 00000001`bfdc3090 00000001`ffb46070 00000000`00000000 : clr!PreBindAssemblyEx+0x593ed
000007fe`f73e16fb : 00000001`3fb39990 000007fe`f986200f 00000000`0fb2e558 00000000`00000000 : mscorlib_ni+0x3717b1
000007fe`f7476e5d : 000007ff`001b2020 00000000`000001be 00000001`3fb39990 00000000`0fb2e8d0 : mscorlib_ni+0x3716fb
000007fe`f9859714 : 00000001`3fb399b8 000007fe`f9838477 00000000`00000000 00000000`00000000 : mscorlib_ni+0x406e5d
000007fe`f9859829 : 00000000`00000000 00000000`00000000 000007fe`f7a35cf0 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e8c8 00000000`00000001 00000000`0fb2e8d0 00000000`0fb2eb20 : clr!LogHelp_LogAssert+0x25b19
000007fe`f9859d88 : 00000000`0fb2eb18 000007fe`f7374860 00000000`0fb2ebb0 000007fe`f713cd7c : clr!LogHelp_LogAssert+0x25b95
000007fe`f9a198a0 : 00000000`0fb2f380 00000000`0fb2eba0 00000000`0fb2f420 000007fe`f754dea0 : clr!LogHelp_LogAssert+0x26078
000007fe`f9869402 : 00000000`00000000 00000000`0fb2f380 00000000`04af0ed0 00000000`00000001 : clr!ClrCreateManagedInstance+0x1d00
000007fe`f9869397 : 00000000`00000000 00000000`770400e0 00000000`0fb2ee60 00000000`00392c70 : clr!LogHelp_LogAssert+0x356f2
000007fe`f9869304 : 00000000`04af12d0 000007fe`f986a0be ffffffff`fffffffe 00000000`003981f4 : clr!LogHelp_LogAssert+0x35687
000007fe`f9869604 : 00000000`0fb2f128 00000000`04af0ed0 00000000`00000000 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9c3305a : 00000000`00000000 00000000`02463320 00000000`0257ffc0 000007fe`fd2fb002 : clr!LogHelp_LogAssert+0x358f4
000007fe`f9869638 : 00000000`00000002 00000000`0fb2f380 00000000`0fb2f380 00000000`04af0ed0 : clr!CreateAssemblyConfigCookie+0x9faca
000007fe`f9869397 : 00000000`00000000 00000000`04af0ed0 ffffffff`fffffffe 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x35928
000007fe`f9869304 : 00000000`00000048 00000000`00000001 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x35687
000007fe`f986945b : ffffffff`ffffffff 00000000`04af0ed0 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9a196f0 : 00000000`04af0ed0 00000000`0fb2f840 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x3574b
000007fe`f998a7c2 : 00000000`04ac1960 00000000`0fb2f438 00000000`04af0ed0 00000000`00000000 : clr!ClrCreateManagedInstance+0x1b50
00000000`76e3652d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!PreBindAssemblyEx+0x5b5fe
00000000`7706c521 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21
OS Thread Id: 0x39f0 (30)
Child SP         IP               Call Site
000000000fb2ced8 000007fefd2fcacd [HelperMethodFrame: 000000000fb2ced8] 
000000000fb2d020 000007fef7a61233 System.Security.CodeAccessSecurityEngine.ThrowSecurityException(System.Reflection.RuntimeAssembly, System.Security.PermissionSet, System.Security.PermissionSet, System.RuntimeMethodHandleInternal, System.Security.Permissions.SecurityAction, System.Object, System.Security.IPermission)
000000000fb2d0b0 000007fef7a61515 System.Security.CodeAccessSecurityEngine.CheckHelper(System.Security.PermissionSet, System.Security.PermissionSet, System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal, System.Object, System.Security.Permissions.SecurityAction, Boolean)
000000000fb2d120 000007fef7b0f6e2 System.Security.PermissionListSet.CheckDemand(System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal)
000000000fb2d518 000007fef9859714 [GCFrame: 000000000fb2d518] 
000000000fb2d6d0 000007fef9859714 [GCFrame: 000000000fb2d6d0] 
000000000fb2d828 000007fef9859714 [GCFrame: 000000000fb2d828] 
000000000fb2d8d8 000007fef9859714 [DebuggerSecurityCodeMarkFrame: 000000000fb2d8d8] 
000000000fb2d9b8 000007fef9859714 [HelperMethodFrame: 000000000fb2d9b8] System.StubHelpers.StubHelpers.BeginStandalone(IntPtr, IntPtr, Int32)
000000000fb2dc08 000007fef67af41f [NDirectMethodFrameStandalone: 000000000fb2dc08] Microsoft.Win32.NativeMethods.GetCurrentProcessId()
000000000fb2dbd0 000007fef67af41f DomainNeutralILStubClass.IL_STUB_PInvoke()
000000000fb2dc90 000007fef67a38e6 System.Diagnostics.Process.GetCurrentProcess()
000000000fb2dce0 000007ff001a5c34 Oracle.DataAccess.Client.OracleTuningAgent.GetCurrentVirtualMemorySize()
000000000fb2dd30 000007ff001a5a12 Oracle.DataAccess.Client.OracleTuningAgent.DoScan()
000000000fb2dd80 000007ff00187109 Oracle.DataAccess.Client.OracleTuningAgent.TuningFunction()
000000000fb2de10 000007fef73f30c8 System.Threading.ExecutionContext.runTryCode(System.Object)
000000000fb2e538 000007fef9859714 [HelperMethodFrame_PROTECTOBJ: 000000000fb2e538] System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
000000000fb2e660 000007fef73e17b1 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
000000000fb2e6c0 000007fef73e16fb System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
000000000fb2e710 000007fef7476e5d System.Threading.ThreadHelper.ThreadStart()
000000000fb2eb68 000007fef9859714 [GCFrame: 000000000fb2eb68] 
000000000fb2ef50 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2ef50] 
000000000fb2f128 000007fef9859714 [ContextTransitionFrame: 000000000fb2f128] 
000000000fb2f310 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2f310]

我按照ODP.NET自述中的说明将OraclePermission添加到web_mediumtrust.config中(32位和64位),但我仍然会收到同样的错误。

有什么想法可以让ODP.NET正确使用"Medium Trust"吗?

这是我的web_mediumtrust.config:

<configuration>
  <mscorlib>
    <security>
      <policy>
        <PolicyLevel version="1">
          <SecurityClasses>
            <SecurityClass Name="AllMembershipCondition" Description="System.Security.Policy.AllMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="AspNetHostingPermission" Description="System.Web.AspNetHostingPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="DnsPermission" Description="System.Net.DnsPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="EnvironmentPermission" Description="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="FileIOPermission" Description="System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="FirstMatchCodeGroup" Description="System.Security.Policy.FirstMatchCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="IsolatedStorageFilePermission" Description="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="NamedPermissionSet" Description="System.Security.NamedPermissionSet" />
            <SecurityClass Name="PrintingPermission" Description="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
            <SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="SmtpPermission" Description="System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="SqlClientPermission" Description="System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="StrongNameMembershipCondition" Description="System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="TypeDescriptorPermission" Description="System.Security.Permissions.TypeDescriptorPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UIPermission" Description="System.Security.Permissions.UIPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UnionCodeGroup" Description="System.Security.Policy.UnionCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UrlMembershipCondition" Description="System.Security.Policy.UrlMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="ZoneMembershipCondition" Description="System.Security.Policy.ZoneMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="ReflectionPermission" Description="System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="OraclePermission" Description="System.Data.OracleClient.OraclePermission, System.Data.OracleClient, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
          </SecurityClasses>
          <NamedPermissionSets>
            <PermissionSet class="NamedPermissionSet" version="1" Unrestricted="true" Name="FullTrust" Description="Allows full access to all resources" />
            <PermissionSet class="NamedPermissionSet" version="1" Name="Nothing" Description="Denies all resources, including the right to execute" />
            <PermissionSet class="NamedPermissionSet" version="1" Name="ASP.Net">
              <IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
              <IPermission class="DnsPermission" version="1" Unrestricted="true" />
              <IPermission class="EnvironmentPermission" version="1" Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
              <IPermission class="FileIOPermission" version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
              <IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" />
              <IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" />
              <IPermission class="SecurityPermission" version="1" Flags="Execution, ControlThread, ControlPrincipal, RemotingConfiguration" />
              <IPermission class="SmtpPermission" version="1" Access="Connect" />
              <IPermission class="SqlClientPermission" version="1" Unrestricted="true" />
              <IPermission class="TypeDescriptorPermission" version="1" Unrestricted="true" />
              <IPermission class="WebPermission" version="1" Unrestricted="true" />
              <IPermission class="ReflectionPermission" version="1" Flags="RestrictedMemberAccess" />
              <IPermission class="OraclePermission" version="1" Unrestricted="true" />
              <IPermission class="Oracle.DataAccess.Client.OraclePermission, Oracle.DataAccess, Version=4.112.2.0, Culture=neutral, PublicKeyToken=89b483f429c47342" version="1" Unrestricted="true" />
            </PermissionSet>
          </NamedPermissionSets>
          <CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="Nothing">
            <IMembershipCondition class="AllMembershipCondition" version="1" />
            <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
              <IMembershipCondition class="UrlMembershipCondition" version="1" Url="$AppDirUrl$/*" />
            </CodeGroup>
            <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
              <IMembershipCondition class="UrlMembershipCondition" version="1" Url="$CodeGen$/*" />
            </CodeGroup>
          </CodeGroup>
        </PolicyLevel>
      </policy>
    </security>
  </mscorlib>
</configuration>

中等信任下ODP.net的访问违规

从错误消息来看,我相信这里发生的事情是,当应用程序运行时,在某个时刻,ODP.net库会在一个单独的线程上生成一个OracleTuningAgent。当OracleTuningAgent执行时,它调用:

System.Diagnostics.Process.GetCurrentProcess()

GetCurrentProcess的调用需要完全信任,当您在中等信任下运行时,这会导致SecurityException。由于异常不会发生在请求线程上并且未处理,因此会导致web应用程序回收(请参阅风险#1)。

为了确保安全,我创建了一个测试web应用程序,并将其设置为"中等信任"。然后我尝试调用System.Diagnostics.Process.GetCurrentProcess(),得到以下异常:

安全异常

应用程序尝试执行不允许的操作安全策略。授予此应用程序所需的权限请与系统管理员联系或更改应用程序的配置文件中的信任级别。

异常详细信息:System.Security.SecurityException:请求失败。

我也尝试了High Trust,得到了同样的结果。在完全信任下运行,我的测试应用程序运行良好。

因此,为了回答所问的问题,ODP.net似乎导致w3wp在Medium Trust下崩溃,因为对Process.GetCurrentProcess()的调用需要Full Trust。如果有办法的话,你可以让你的代码在Medium Trust下工作:

  1. 配置.NET,以便对Process.GetCurrentProcess()的调用可以在Medium Trust下工作
    (我试过了,但没能想出办法,但这并不意味着这是不可能的),或者
  2. 关闭ODP.net中的OracleTuningAgent