AMQNET-844 Allow, deny types fix

Havret · Havret · commit 8944c4126dfa · 2025-02-03T15:11:49.000+01:00
diff --git a/src/Commands/TrustedClassFilter.cs b/src/Commands/TrustedClassFilter.cs
@@ -37,12 +37,17 @@ public override Type BindToType(string assemblyName, string typeName)
             var name = new AssemblyName(assemblyName);
             var assembly = Assembly.Load(name);
             var type = FormatterServices.GetTypeFromAssembly(assembly, typeName);
+            if (type == null)
+            {
+                throw new SerializationException($"Type {typeName} not found in assembly {assemblyName}");
+            }
+            
             if (deserializationPolicy.IsTrustedType(destination, type))
             {
                 return type;
             }
 
-            var message = $"Forbidden {type.FullName}! " +
+            var message = $"Forbidden {type.FullName ?? typeName}! " +
                           "This type is not trusted to be deserialized under the current configuration. " +
                           "Please refer to the documentation for more information on how to configure trusted types.";
             throw new SerializationException(message);
diff --git a/src/NmsDefaultDeserializationPolicy.cs b/src/NmsDefaultDeserializationPolicy.cs
@@ -48,10 +48,10 @@ public class NmsDefaultDeserializationPolicy : INmsDeserializationPolicy
         
         public bool IsTrustedType(IDestination destination, Type type)
         {
-            var typeName = type?.FullName;
+            var typeName = type.FullName;
             if (typeName == null)
             {
-                return true;
+                return false;
             }
 
             foreach (var denyListEntry in denyList)
diff --git a/test/MessageConsumerTest.cs b/test/MessageConsumerTest.cs
@@ -370,11 +370,70 @@ public void TestShouldUseCustomDeserializationPolicy()
             });
         }
         
+        // https://codewhitesec.blogspot.com/2022/06/bypassing-dotnet-serialization-binders.html
+        [Test, Timeout(20_000)]
+        public void TestShouldNotDeserializeMaliciousType()
+        {
+            string uri = "activemq:tcp://${{activemqhost}}:61616" + $"?nms.deserializationPolicy.allowList={typeof(TrustedType).FullName}";
+            var factory = new ConnectionFactory(ReplaceEnvVar(uri));
+            using var connection = factory.CreateConnection("", "");
+
+            connection.Start();
+            var session = connection.CreateSession(AcknowledgementMode.AutoAcknowledge);
+            var queue = session.GetQueue(Guid.NewGuid().ToString());
+            var consumer = session.CreateConsumer(queue);
+            var producer = session.CreateProducer(queue);
+            
+            var message = producer.CreateObjectMessage(new MaliciousSerializable());
+            producer.Send(message);
+
+            var receivedMessage = consumer.Receive();
+            var objectMessage = receivedMessage as IObjectMessage;
+            Assert.NotNull(objectMessage);
+            Assert.Throws<SerializationException>(() =>
+            {
+                _ = objectMessage.Body;
+            });
+        }        
+        
         [Serializable]
         public class UntrustedType
         {
             public string Prop1 { get; set; }
         }
+        
+        [Serializable]
+        public class TrustedType
+        {
+            // ReSharper disable once UnusedMember.Global
+            public string Prop1 { get; set; }
+        }
+        
+        [Serializable]
+        public class MaliciousSerializable : ISerializable
+        {
+            private readonly string _payloadData = "Injected Payload";
+
+            public MaliciousSerializable() { }
+
+            protected MaliciousSerializable(SerializationInfo info, StreamingContext context)
+            {
+                _payloadData = info.GetString("InjectedValue");
+            }
+
+            public void GetObjectData(SerializationInfo info, StreamingContext context)
+            {
+                Type type = typeof(TrustedType);
+
+                // Manipulate serialization info to trick deserialization
+                info.SetType(type);
+                info.FullTypeName = type.AssemblyQualifiedName; // This should result in null
+                info.AssemblyName = "mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089";
+
+                // Inject a fake property
+                info.AddValue("InjectedValue", _payloadData);
+            }
+        }        
 
         private class CustomDeserializationPolicy : INmsDeserializationPolicy
         {

Original file line number	Diff line number	Diff line change
`@@ -48,10 +48,10 @@ public class NmsDefaultDeserializationPolicy : INmsDeserializationPolicy`
`48`	`48`
`49`	`49`	`public bool IsTrustedType(IDestination destination, Type type)`
`50`	`50`	`{`
`51`		`- var typeName = type?.FullName;`
	`51`	`+ var typeName = type.FullName;`
`52`	`52`	`if (typeName == null)`
`53`	`53`	`{`
`54`		`- return true;`
	`54`	`+ return false;`
`55`	`55`	`}`
`56`	`56`
`57`	`57`	`foreach (var denyListEntry in denyList)`