mirror of
https://github.com/Facepunch/sbox-public.git
synced 2026-04-20 14:28:17 -04:00
0a7c021079
* ! Add tests replicating H1-3601675 attribute RCE * ! Add tests for potentially dangerous SkipLocalsInit, AsyncMethodBuilder * ! Blacklist SkipLocalsInit, UnsafeAccessor, AsyncMethodBuilder
20 lines
660 B
C#
20 lines
660 B
C#
namespace Sandbox;
|
|
|
|
static partial class CompilerRules
|
|
{
|
|
public static readonly List<string> Attributes =
|
|
[
|
|
"System.Runtime.CompilerServices.InlineArrayAttribute*",
|
|
"System.Runtime.CompilerServices.ExtensionMarkerAttribute",
|
|
"System.Runtime.CompilerServices.ParamCollectionAttribute",
|
|
|
|
// Can be used to read uninitialized stack memory.
|
|
"System.Runtime.CompilerServices.SkipLocalsInitAttribute*",
|
|
|
|
// All of these can potentially lead to RCEs
|
|
"System.Runtime.CompilerServices.UnsafeAccessorAttribute*",
|
|
"System.Runtime.CompilerServices.UnsafeAccessorTypeAttribute*",
|
|
"System.Runtime.CompilerServices.AsyncMethodBuilderAttribute*",
|
|
];
|
|
}
|