Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Access Violations with ODP.net under Medium Trust

Environment:

Windows Server 2008 R2
IIS 7.5
.NET 4.0, Integrated Application Pool
Oracle Client 11.2.0.2.0
ODP.net 11.2.0.2.3

I have a website that uses ODP.net to connect to our Oracle database, and under "Full Trust", the application works flawlessly. However, when I change the application to use "Medium Trust", I start getting inconsistent NullReferenceExceptions from the application. Most of the time the code works, but every 10 requests or so I get the NullReferenceException. Upon looking in the event log, I see that the NullRefernceException normally corresponds to a w3wp.exe crash.

Faulting application name: w3wp.exe, version: 7.5.7601.17514, time stamp: 0x4ce7afa2
Faulting module name: OraOps11w.dll, version: 2.112.2.0, time stamp: 0x4cea1904
Exception code: 0xc0000005
Fault offset: 0x0000000000024d56
Faulting process id: 0x3ba4
Faulting application start time: 0x01ccdf556d68384a
Faulting application path: c:\windows\system32\inetsrv\w3wp.exe
Faulting module path: C:\Oracle64\product\11.2.0\client\bin\OraOps11w.dll1

Obviously the issue is ODP.NET, but why is it crashing w3wp.exe in "Medium Trust". So, to try to make sure I wasn't doing something wrong in my code, I wrote the simplest of ASP.NET web applications:

protected void Page_Load(object sender, EventArgs e) {
    using(OracleConnection conn = new OracleConnection(GetMyConnectionString())){
        using (OracleCommand cmd = new OracleCommand("select localtimestamp from dual", conn)) {
            conn.Open();
            this.aLiteral.Text = ((DateTime)cmd.ExecuteScalar()).ToLongDateString();
        }            
    }
}

Under "Full Trust" the app works fine. Under "Medium Trust", the app appears to work fine, but when I hook up the IIS Debug Diagnostic Tool to the app's application pool, the app is throwing thousands of these errors:

[1/30/2012 12:50:25 PM] First chance exception - 0xe0434352 caused by thread with  System ID: 14832
[1/30/2012 12:50:25 PM] Stack Trace
RetAddr           : Args to Child                                                           : Call Site
000007fe`f9990845 : 00000000`04af0ed0 00000000`00000001 00000000`00000000 00000001`bfe3a0b8 : KERNELBASE!RaiseException+0x3d
000007fe`f9993226 : 00000001`bfe3a0b8 00000000`00000000 00000001`bfe3a0b8 00000001`bfe3a0b8 : clr!PreBindAssemblyEx+0x61681
000007fe`f7a61233 : 00000000`00000000 00000000`00000000 00000001`bfdca3b0 00000000`00000000 : clr!PreBindAssemblyEx+0x64062
000007fe`f7a61515 : 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`00000000 : mscorlib_ni+0x9f1233
000007fe`f7b0f6e2 : 00000001`bfdca3b0 00000000`00000000 00000000`ffd5c9b8 00000000`ffd5c9b8 : mscorlib_ni+0x9f1515
000007fe`f9859714 : 00000001`3fb39a28 00000000`00000000 00000000`00000000 00000000`ffd5c9b8 : mscorlib_ni+0xa9f6e2
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f985bb74 : 00000000`0fb2d450 00000000`00000008 000007fe`f7a602e0 00000000`00000000 : clr!LogHelp_LogAssert+0x25b19
000007fe`f985c39c : 00000000`00000000 00000000`00000000 00001f80`0010000b 0053002b`002b0033 : clr!LogHelp_LogAssert+0x27e64
000007fe`f9da3ea1 : 00000000`00000000 00000000`0fb2d700 00000000`04af0ed0 00000000`0257ffc0 : clr!LogHelp_LogAssert+0x2868c
000007fe`f9da42e5 : 00000000`00000000 00000000`0fb2e600 00000000`04af0ed0 00000001`3fb39a28 : clr!GetAssemblyIdentityFromFile+0x2aa81
000007fe`f9da454d : 00000000`04af0ed0 00000000`00000000 00000001`3fb39a28 00000000`04af0ed0 : clr!GetAssemblyIdentityFromFile+0x2aec5
000007fe`f9da4aac : 00000000`ffd5c9b8 00000000`00000000 00000000`04af0ed0 00000000`0fb2d630 : clr!GetAssemblyIdentityFromFile+0x2b12d
000007fe`f9da4b9c : 00000000`0fb2d898 00000000`00000001 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b68c
000007fe`f9c32ecc : 00000000`00000081 00000000`00000000 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b77c
000007fe`f9e97004 : 000007ff`002653f8 00000000`0fb2dda0 000007fe`f6554288 00000000`ffd5c9b8 : clr!CreateAssemblyConfigCookie+0x9f93c
000007fe`f9ea54e8 : 000007fe`f6554288 00000000`00010400 00000000`00010400 00000000`00000000 : clr!TranslateSecurityAttributes+0x39bb4
000007fe`f9854b72 : 00000000`04af0ed0 000007fe`f9908c66 000007fe`00000000 00000000`00000000 : clr!TranslateSecurityAttributes+0x48098
000007fe`f67af41f : 000007ff`001b8140 000007fe`f6554288 00000001`bfdc3360 00000000`0fb2dc08 : clr!LogHelp_LogAssert+0x20e62
000007fe`f67a38e6 : 00000000`00000000 00000000`00000000 00000000`0fb2dd00 000007fe`f9861052 : System_ni+0x2bf41f
000007ff`001a5c34 : 000007ff`001b8140 00000000`00000000 00000000`00000000 000007fe`f99de765 : System_ni+0x2b38e6
000007ff`001a5a12 : 00000001`00000000 000007ff`001b8140 000007ff`001b8140 00000000`0fb2dda0 : 0x7ff`001a5c34
000007ff`00187109 : 000007ff`00187104 00000000`00000046 00000000`0fb24000 00000000`04af0ed0 : 0x7ff`001a5a12
000007fe`f73f30c8 : 00000001`3fb398f8 00000001`3fb39990 00000000`00000000 00000000`00000000 : 0x7ff`00187109
000007fe`f9859714 : 00000000`ffd991a0 00000001`bfdc30d0 00000000`00000000 00000000`00000000 : mscorlib_ni+0x3830c8
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e038 00000000`00000002 00000000`0fb2e050 00000000`0fb2e248 : clr!LogHelp_LogAssert+0x25b19
000007fe`f998878a : 00000001`3fb39cd8 00000000`00000000 00000000`0fb2e4b8 00000000`0fb2e2f0 : clr!LogHelp_LogAssert+0x25b95
000007fe`f99885b1 : 00000001`3fb39cd8 00000000`025800c8 00000000`04af0ed0 00000000`025800c8 : clr!PreBindAssemblyEx+0x595c6
000007fe`f73e17b1 : 00000001`3fb39990 00000001`bfdc3090 00000001`ffb46070 00000000`00000000 : clr!PreBindAssemblyEx+0x593ed
000007fe`f73e16fb : 00000001`3fb39990 000007fe`f986200f 00000000`0fb2e558 00000000`00000000 : mscorlib_ni+0x3717b1
000007fe`f7476e5d : 000007ff`001b2020 00000000`000001be 00000001`3fb39990 00000000`0fb2e8d0 : mscorlib_ni+0x3716fb
000007fe`f9859714 : 00000001`3fb399b8 000007fe`f9838477 00000000`00000000 00000000`00000000 : mscorlib_ni+0x406e5d
000007fe`f9859829 : 00000000`00000000 00000000`00000000 000007fe`f7a35cf0 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e8c8 00000000`00000001 00000000`0fb2e8d0 00000000`0fb2eb20 : clr!LogHelp_LogAssert+0x25b19
000007fe`f9859d88 : 00000000`0fb2eb18 000007fe`f7374860 00000000`0fb2ebb0 000007fe`f713cd7c : clr!LogHelp_LogAssert+0x25b95
000007fe`f9a198a0 : 00000000`0fb2f380 00000000`0fb2eba0 00000000`0fb2f420 000007fe`f754dea0 : clr!LogHelp_LogAssert+0x26078
000007fe`f9869402 : 00000000`00000000 00000000`0fb2f380 00000000`04af0ed0 00000000`00000001 : clr!ClrCreateManagedInstance+0x1d00
000007fe`f9869397 : 00000000`00000000 00000000`770400e0 00000000`0fb2ee60 00000000`00392c70 : clr!LogHelp_LogAssert+0x356f2
000007fe`f9869304 : 00000000`04af12d0 000007fe`f986a0be ffffffff`fffffffe 00000000`003981f4 : clr!LogHelp_LogAssert+0x35687
000007fe`f9869604 : 00000000`0fb2f128 00000000`04af0ed0 00000000`00000000 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9c3305a : 00000000`00000000 00000000`02463320 00000000`0257ffc0 000007fe`fd2fb002 : clr!LogHelp_LogAssert+0x358f4
000007fe`f9869638 : 00000000`00000002 00000000`0fb2f380 00000000`0fb2f380 00000000`04af0ed0 : clr!CreateAssemblyConfigCookie+0x9faca
000007fe`f9869397 : 00000000`00000000 00000000`04af0ed0 ffffffff`fffffffe 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x35928
000007fe`f9869304 : 00000000`00000048 00000000`00000001 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x35687
000007fe`f986945b : ffffffff`ffffffff 00000000`04af0ed0 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9a196f0 : 00000000`04af0ed0 00000000`0fb2f840 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x3574b
000007fe`f998a7c2 : 00000000`04ac1960 00000000`0fb2f438 00000000`04af0ed0 00000000`00000000 : clr!ClrCreateManagedInstance+0x1b50
00000000`76e3652d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!PreBindAssemblyEx+0x5b5fe
00000000`7706c521 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21
OS Thread Id: 0x39f0 (30)
Child SP         IP               Call Site
000000000fb2ced8 000007fefd2fcacd [HelperMethodFrame: 000000000fb2ced8] 
000000000fb2d020 000007fef7a61233 System.Security.CodeAccessSecurityEngine.ThrowSecurityException(System.Reflection.RuntimeAssembly, System.Security.PermissionSet, System.Security.PermissionSet, System.RuntimeMethodHandleInternal, System.Security.Permissions.SecurityAction, System.Object, System.Security.IPermission)
000000000fb2d0b0 000007fef7a61515 System.Security.CodeAccessSecurityEngine.CheckHelper(System.Security.PermissionSet, System.Security.PermissionSet, System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal, System.Object, System.Security.Permissions.SecurityAction, Boolean)
000000000fb2d120 000007fef7b0f6e2 System.Security.PermissionListSet.CheckDemand(System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal)
000000000fb2d518 000007fef9859714 [GCFrame: 000000000fb2d518] 
000000000fb2d6d0 000007fef9859714 [GCFrame: 000000000fb2d6d0] 
000000000fb2d828 000007fef9859714 [GCFrame: 000000000fb2d828] 
000000000fb2d8d8 000007fef9859714 [DebuggerSecurityCodeMarkFrame: 000000000fb2d8d8] 
000000000fb2d9b8 000007fef9859714 [HelperMethodFrame: 000000000fb2d9b8] System.StubHelpers.StubHelpers.BeginStandalone(IntPtr, IntPtr, Int32)
000000000fb2dc08 000007fef67af41f [NDirectMethodFrameStandalone: 000000000fb2dc08] Microsoft.Win32.NativeMethods.GetCurrentProcessId()
000000000fb2dbd0 000007fef67af41f DomainNeutralILStubClass.IL_STUB_PInvoke()
000000000fb2dc90 000007fef67a38e6 System.Diagnostics.Process.GetCurrentProcess()
000000000fb2dce0 000007ff001a5c34 Oracle.DataAccess.Client.OracleTuningAgent.GetCurrentVirtualMemorySize()
000000000fb2dd30 000007ff001a5a12 Oracle.DataAccess.Client.OracleTuningAgent.DoScan()
000000000fb2dd80 000007ff00187109 Oracle.DataAccess.Client.OracleTuningAgent.TuningFunction()
000000000fb2de10 000007fef73f30c8 System.Threading.ExecutionContext.runTryCode(System.Object)
000000000fb2e538 000007fef9859714 [HelperMethodFrame_PROTECTOBJ: 000000000fb2e538] System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
000000000fb2e660 000007fef73e17b1 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
000000000fb2e6c0 000007fef73e16fb System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
000000000fb2e710 000007fef7476e5d System.Threading.ThreadHelper.ThreadStart()
000000000fb2eb68 000007fef9859714 [GCFrame: 000000000fb2eb68] 
000000000fb2ef50 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2ef50] 
000000000fb2f128 000007fef9859714 [ContextTransitionFrame: 000000000fb2f128] 
000000000fb2f310 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2f310]

I followed the instructions in the ODP.NET README to add the OraclePermission to the web_mediumtrust.config (32bit and 64bit), but I am still getting the same errors.

Any ideas how to get ODP.NET working correctly with "Medium Trust"?

Here is my web_mediumtrust.config:

<configuration>
  <mscorlib>
    <security>
      <policy>
        <PolicyLevel version="1">
          <SecurityClasses>
            <SecurityClass Name="AllMembershipCondition" Description="System.Security.Policy.AllMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="AspNetHostingPermission" Description="System.Web.AspNetHostingPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="DnsPermission" Description="System.Net.DnsPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="EnvironmentPermission" Description="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="FileIOPermission" Description="System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="FirstMatchCodeGroup" Description="System.Security.Policy.FirstMatchCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="IsolatedStorageFilePermission" Description="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="NamedPermissionSet" Description="System.Security.NamedPermissionSet" />
            <SecurityClass Name="PrintingPermission" Description="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
            <SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="SmtpPermission" Description="System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="SqlClientPermission" Description="System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="StrongNameMembershipCondition" Description="System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="TypeDescriptorPermission" Description="System.Security.Permissions.TypeDescriptorPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UIPermission" Description="System.Security.Permissions.UIPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UnionCodeGroup" Description="System.Security.Policy.UnionCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="UrlMembershipCondition" Description="System.Security.Policy.UrlMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="ZoneMembershipCondition" Description="System.Security.Policy.ZoneMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="ReflectionPermission" Description="System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <SecurityClass Name="OraclePermission" Description="System.Data.OracleClient.OraclePermission, System.Data.OracleClient, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
          </SecurityClasses>
          <NamedPermissionSets>
            <PermissionSet class="NamedPermissionSet" version="1" Unrestricted="true" Name="FullTrust" Description="Allows full access to all resources" />
            <PermissionSet class="NamedPermissionSet" version="1" Name="Nothing" Description="Denies all resources, including the right to execute" />
            <PermissionSet class="NamedPermissionSet" version="1" Name="ASP.Net">
              <IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
              <IPermission class="DnsPermission" version="1" Unrestricted="true" />
              <IPermission class="EnvironmentPermission" version="1" Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
              <IPermission class="FileIOPermission" version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
              <IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" />
              <IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" />
              <IPermission class="SecurityPermission" version="1" Flags="Execution, ControlThread, ControlPrincipal, RemotingConfiguration" />
              <IPermission class="SmtpPermission" version="1" Access="Connect" />
              <IPermission class="SqlClientPermission" version="1" Unrestricted="true" />
              <IPermission class="TypeDescriptorPermission" version="1" Unrestricted="true" />
              <IPermission class="WebPermission" version="1" Unrestricted="true" />
              <IPermission class="ReflectionPermission" version="1" Flags="RestrictedMemberAccess" />
              <IPermission class="OraclePermission" version="1" Unrestricted="true" />
              <IPermission class="Oracle.DataAccess.Client.OraclePermission, Oracle.DataAccess, Version=4.112.2.0, Culture=neutral, PublicKeyToken=89b483f429c47342" version="1" Unrestricted="true" />
            </PermissionSet>
          </NamedPermissionSets>
          <CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="Nothing">
            <IMembershipCondition class="AllMembershipCondition" version="1" />
            <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
              <IMembershipCondition class="UrlMembershipCondition" version="1" Url="$AppDirUrl$/*" />
            </CodeGroup>
            <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
              <IMembershipCondition class="UrlMembershipCondition" version="1" Url="$CodeGen$/*" />
            </CodeGroup>
          </CodeGroup>
        </PolicyLevel>
      </policy>
    </security>
  </mscorlib>
</configuration>
like image 915
Zach Green Avatar asked Jan 30 '12 18:01

Zach Green


1 Answers

Judging from the error messages, I believe what's going on here is that as the application is running, at some point the ODP.net library spawns an OracleTuningAgent on a separate thread. As the OracleTuningAgent is executing, it makes a call to:

System.Diagnostics.Process.GetCurrentProcess()

The call to GetCurrentProcess requires Full Trust, which causes a SecurityException when you are running under Medium Trust. Since the exception does not occur on the request thread and is unhandled, it causes the web application to recycle (see risk #1).

To be sure I created a test web application and set it to Medium Trust. I then tried to call System.Diagnostics.Process.GetCurrentProcess(), and I got the following exception:

Security Exception

The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request failed.

I tried High Trust as well and got the same result. Running under Full Trust, my test app worked fine.

So to answer the question as asked, it seems that ODP.net causes w3wp to crash under Medium Trust because the call to Process.GetCurrentProcess() requires Full Trust. You may be able to get your code to work under Medium Trust if there is some way to either:

  1. Configure .NET so that the call to Process.GetCurrentProcess() can work under Medium Trust
    (I tried and couldn't come up with a way, but that certainly doesn't mean it's not possible), or
  2. Turn off the OracleTuningAgent in ODP.net
like image 168
rsbarro Avatar answered Sep 23 '22 00:09

rsbarro