Virtual Developer Workshop: Containerized Development with Docker

Environment: C#

C# is the language of .NET. Microsoft believes this is the most powerful and safest language around. Yaaa. It is a "remix" of Java with certain features such as Unsafe blocks to boost performance. But, there is the hack; Microsoft has tried to make conflicting goals meet with C# an example of which are unsafe blocks. C#'s unsafe blocks can render code that is as dangerous as C++. To see how, let's look at the following code:

public class AClass {
  public int aValueMember=0;
  private string _aRefMember="default";
  public string aRefMember
    get {return _aRefMember;}

Now, looking at this class, it may seem that the instance member _aRefMember's value="default" cannot be changed. If you think so, picture this...

public class Client {
  public static void Main(string[] arg) {
    AClass obj=new AClass();
    Console.WriteLine("Before Unsafe Block.................");
    Console.WriteLine("obj.aRefMember: ="+obj.aRefMember);
    unsafe {
      char* arrayPtr;
      fixed(int* ptr=&obj.aValueMember) {
        arrayPtr=(char*)(*(ptr-1));    // taking the address of
                                       // obj._aRefMember,
                                       // subtracting 1 becuase
                                       // the heap and stack grow
                                       // downwards in C#
                                       // this can be even nastier
                                       // *(ptr-1)=-1;
        arrayPtr[6]='D';               // first 6 bytes of the
                                       // string contains
                                       // information such as the
                                       // length of the string...
        arrayPtr[7] ='E';
        arrayPtr[8] ='F';
        arrayPtr[9] ='A';

    Console.WriteLine("After Unsafe Block.....");
    Console.WriteLine("obj.aRefMember: ="+obj.aRefMember);

The Value of "obj.aRefMember" changed to "DEFAULT" from "default" ..... But, that's not all. You also can make the referance _aRefMember point to any location with this code:

  *(ptr-1)=XX;    // XX is any address be it legal or illegal

One thing that is encouraging is that if you assign an illegal address to the referance, the application will not crash but the CLR will raise a NullPointerException.

What the above code illustrates is that C#'s unsafe mechanism makes it as unsafe as C++. In principle, you can do many of the nasty things with it that you could do with C++, such as playing with the vTable and so forth.


  • test

    Posted by waldo on 10/05/2012 08:43pm

    Seems we have a few Microsoft apologists in the audiance.

  • Get a Life guys, he is just having his say

    Posted by Legacy on 08/19/2003 07:00am

    Originally posted by: 25yrVet

    Same as you guys can, no language is perfect, but surely needs to be discussed.

    Contribute dont denegrate

  • *Yawn* Another MS Basher

    Posted by Legacy on 08/08/2003 07:00am

    Originally posted by: Microsoftie

    How unoriginal.

    Here's an idea - how about if you don't want unsafe code, you don't write any? I would rather have the option of/not using unsafe code than have a language designer decide for me. I like choice.

  • What else would you expect?

    Posted by Legacy on 08/07/2003 07:00am

    Originally posted by: Warren Stevens

    I'm not trying to be too harsh towards the author, but...

    Is the fact that "unsafe" code actually turns out to be unsafe surprising to anyone???

  • Another whimp ass Java programmer

    Posted by Legacy on 08/06/2003 07:00am

    Originally posted by: Sam Fugarino

    What's wrong with you people. You use the term "as dangerous as C++." All I can say is so what. You don't have to use unsafe code in C#.By the way, Java was designed with C++ in mind.

  • You must have javascript enabled in order to post comments.

Leave a Comment
  • Your email address will not be published. All fields are required.

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date