Title of invention |
Out-of-band framework libraries within applications |
Abstract |
An enhanced binder provides flexibility and certainty when selecting a version of a software library to load, and an enhanced loader prevents a library version vulnerable to a security flaw from being loaded. The binder can perform unification, implicit override, and/or redirection. Implicit override searches assembly-specific locations for an implicit_version, and overrides the previously chosen unification or other version with the implicit_version when the implicit_version is greater. The implicit_version gets updated with the individual assembly, whereas the unification_version gets updated with the framework. Redirection may override the implicit_version. Unlike redirection, an implicit_version does not recite an explicit range and is found outside application configuration files. The implicit_version is specified implicitly by the assembly without an XML declaration. Vulnerable libraries are not loaded, based on out-of-band metadata placed in response to a list of known out-of-band assemblies, an out-of-band-servicing attribute, or a custom servicing library. |
Publication number |
US9009693(B2) |
Publication date |
2015.04.14 |
Application number |
US201313889469 |
Application date |
2013.05.08 |
Applicant |
Microsoft Corporation |
Inventors |
St. John Eric;Bhojani Mohammad Rahim;Shriram Alok;Kean David;Swarnkar Divya;Khanna Kumar Gaurav;Kok Gaye Oncul;Kotas Jan;Rayhelson Michael J.;Rousos Michael;Su Weitao;Cohn Matthew Charles;Chen Zhanliang |
Classification numbers |
G06F9/44;G06F9/445 |
Main classification number |
G06F9/44 |
Agency |
|
Agents |
Sullivan Kevin;Drakos Kate;Minhas Micky |
Main claim |
1. A computer system comprising:
at least one processor;
a memory in operable communication with the processor(s); and
a binder residing in the memory and having implicit override code, the binder configured to interact with the processor and memory to determine which version of a requested assembly will be identified to a loader for loading to support execution of an application;
the implicit override code including code to search for an implicit_version in at least one assembly-specific location, the implicit override code also including code to compare the implicit_version to an other version after the implicit_version is found, the implicit override code also including code to conditionally override the other version with the implicit_version when the implicit_version is greater than the other version;
wherein the binder also includes framework unification code which is configured to check whether the requested assembly is in a predefined framework of assemblies which are coupled to a managed runtime, the framework unification code including code to compare a requested_version with a unification_version and to conditionally override the requested_version with the unification_version when the unification_version is greater than the requested_version and the requested assembly is in the predefined framework of assemblies, and
wherein the binder is configured to invoke the framework unification code to obtain a unification phase result and then invoke the implicit override code with the unification phase result to obtain an implicit override phase result. |
Address |
Redmond WA US |
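
The phase order described in the abstract and claim 1 (unification, then implicit override, then redirection, followed by the loader's refusal of a vulnerable version), modelled as an added Python example that is not code from the patent or from the applicant. The assembly names, version numbers, the way the redirect range is matched, and the set standing in for out-of-band metadata are all assumptions made for illustration.

```python
# Added model of the binder phases in the abstract and claim 1; every name and value is constructed.
class VulnerableVersionError(Exception):
    pass

def ver(text):
    """Parse '4.0.10.0' into a tuple of ints so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def bind(name, requested, framework, implicit, redirects):
    """Return (chosen_version, trace) after unification, implicit override, redirection."""
    chosen = ver(requested)
    trace = [("requested", chosen)]
    # Phase 1, framework unification: only assemblies in the framework, only upward.
    if name in framework and ver(framework[name]) > chosen:
        chosen = ver(framework[name])
        trace.append(("unification", chosen))
    # Phase 2, implicit override: takes the phase 1 result, only upward.
    if name in implicit and ver(implicit[name]) > chosen:
        chosen = ver(implicit[name])
        trace.append(("implicit_override", chosen))
    # Phase 3, redirection: explicit range from application configuration.
    # Assumption: the range is matched against the version chosen so far.
    if name in redirects:
        low, high, new = redirects[name]
        if ver(low) <= chosen <= ver(high):
            chosen = ver(new)
            trace.append(("redirection", chosen))
    return chosen, trace

def load(name, version, vulnerable):
    """Loader gate: refuse a version that out-of-band metadata marks as vulnerable."""
    if (name, version) in vulnerable:
        raise VulnerableVersionError(f"{name} {'.'.join(map(str, version))} blocked")
    return f"{name}, Version={'.'.join(map(str, version))}"

# Constructed sample data.
FRAMEWORK = {"Sample.Core": "4.0.0.0"}  # unification_version, updated with the framework
IMPLICIT = {"Sample.Core": "4.0.10.0", "Sample.Extra": "1.2.0.0"}  # updated with each assembly
REDIRECTS = {"Sample.Extra": ("0.0.0.0", "1.2.0.0", "1.1.0.0")}  # explicit range, app config
VULNERABLE = {("Sample.Extra", ver("1.1.0.0"))}  # stands in for out-of-band metadata

if __name__ == "__main__":
    for name, req in [("Sample.Core", "2.0.0.0"), ("Sample.Extra", "1.0.0.0")]:
        version, trace = bind(name, req, FRAMEWORK, IMPLICIT, REDIRECTS)
        print(name, trace)
        try:
            print("  loaded:", load(name, version, VULNERABLE))
        except VulnerableVersionError as err:
            print("  refused:", err)
```

In the second sample request the explicit redirect pins the assembly below its implicit_version, and the loader gate is what stops the vulnerable version from being loaded.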