环境:
Windows Server 2008 R2
IIS 7.5
.NET 4.0, Integrated Application Pool
Oracle Client 11.2.0.2.0
ODP.net 11.2.0.2.3
我有一个网站使用 ODP.net 连接到我们的 Oracle 数据库,在“完全信任”下,该应用程序运行完美。但是,当我将应用程序更改为使用“中等信任”时,我开始从应用程序中获取不一致的 NullReferenceExceptions。大部分时间代码都有效,但每 10 个请求左右我就会收到 NullReferenceException。查看事件日志后,我发现 NullRefernceException 通常对应于 w3wp.exe 崩溃。
Faulting application name: w3wp.exe, version: 7.5.7601.17514, time stamp: 0x4ce7afa2
Faulting module name: OraOps11w.dll, version: 2.112.2.0, time stamp: 0x4cea1904
Exception code: 0xc0000005
Fault offset: 0x0000000000024d56
Faulting process id: 0x3ba4
Faulting application start time: 0x01ccdf556d68384a
Faulting application path: c:\windows\system32\inetsrv\w3wp.exe
Faulting module path: C:\Oracle64\product\11.2.0\client\bin\OraOps11w.dll1
显然问题出在 ODP.NET,但为什么它会在“中等信任”中崩溃 w3wp.exe。因此,为了确保我的代码没有做错什么,我编写了最简单的 ASP.NET Web 应用程序:
protected void Page_Load(object sender, EventArgs e) {
using(OracleConnection conn = new OracleConnection(GetMyConnectionString())){
using (OracleCommand cmd = new OracleCommand("select localtimestamp from dual", conn)) {
conn.Open();
this.aLiteral.Text = ((DateTime)cmd.ExecuteScalar()).ToLongDateString();
}
}
}
在“完全信任”下,应用程序运行良好。在“中等信任”下,该应用程序似乎运行良好,但当我将 IIS 调试诊断工具连接到该应用程序的应用程序池时,该应用程序抛出了数千个这样的错误:
[1/30/2012 12:50:25 PM] First chance exception - 0xe0434352 caused by thread with System ID: 14832
[1/30/2012 12:50:25 PM] Stack Trace
RetAddr : Args to Child : Call Site
000007fe`f9990845 : 00000000`04af0ed0 00000000`00000001 00000000`00000000 00000001`bfe3a0b8 : KERNELBASE!RaiseException+0x3d
000007fe`f9993226 : 00000001`bfe3a0b8 00000000`00000000 00000001`bfe3a0b8 00000001`bfe3a0b8 : clr!PreBindAssemblyEx+0x61681
000007fe`f7a61233 : 00000000`00000000 00000000`00000000 00000001`bfdca3b0 00000000`00000000 : clr!PreBindAssemblyEx+0x64062
000007fe`f7a61515 : 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`ffd5c9b8 00000000`00000000 : mscorlib_ni+0x9f1233
000007fe`f7b0f6e2 : 00000001`bfdca3b0 00000000`00000000 00000000`ffd5c9b8 00000000`ffd5c9b8 : mscorlib_ni+0x9f1515
000007fe`f9859714 : 00000001`3fb39a28 00000000`00000000 00000000`00000000 00000000`ffd5c9b8 : mscorlib_ni+0xa9f6e2
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f985bb74 : 00000000`0fb2d450 00000000`00000008 000007fe`f7a602e0 00000000`00000000 : clr!LogHelp_LogAssert+0x25b19
000007fe`f985c39c : 00000000`00000000 00000000`00000000 00001f80`0010000b 0053002b`002b0033 : clr!LogHelp_LogAssert+0x27e64
000007fe`f9da3ea1 : 00000000`00000000 00000000`0fb2d700 00000000`04af0ed0 00000000`0257ffc0 : clr!LogHelp_LogAssert+0x2868c
000007fe`f9da42e5 : 00000000`00000000 00000000`0fb2e600 00000000`04af0ed0 00000001`3fb39a28 : clr!GetAssemblyIdentityFromFile+0x2aa81
000007fe`f9da454d : 00000000`04af0ed0 00000000`00000000 00000001`3fb39a28 00000000`04af0ed0 : clr!GetAssemblyIdentityFromFile+0x2aec5
000007fe`f9da4aac : 00000000`ffd5c9b8 00000000`00000000 00000000`04af0ed0 00000000`0fb2d630 : clr!GetAssemblyIdentityFromFile+0x2b12d
000007fe`f9da4b9c : 00000000`0fb2d898 00000000`00000001 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b68c
000007fe`f9c32ecc : 00000000`00000081 00000000`00000000 00000000`00000000 00000000`00000000 : clr!GetAssemblyIdentityFromFile+0x2b77c
000007fe`f9e97004 : 000007ff`002653f8 00000000`0fb2dda0 000007fe`f6554288 00000000`ffd5c9b8 : clr!CreateAssemblyConfigCookie+0x9f93c
000007fe`f9ea54e8 : 000007fe`f6554288 00000000`00010400 00000000`00010400 00000000`00000000 : clr!TranslateSecurityAttributes+0x39bb4
000007fe`f9854b72 : 00000000`04af0ed0 000007fe`f9908c66 000007fe`00000000 00000000`00000000 : clr!TranslateSecurityAttributes+0x48098
000007fe`f67af41f : 000007ff`001b8140 000007fe`f6554288 00000001`bfdc3360 00000000`0fb2dc08 : clr!LogHelp_LogAssert+0x20e62
000007fe`f67a38e6 : 00000000`00000000 00000000`00000000 00000000`0fb2dd00 000007fe`f9861052 : System_ni+0x2bf41f
000007ff`001a5c34 : 000007ff`001b8140 00000000`00000000 00000000`00000000 000007fe`f99de765 : System_ni+0x2b38e6
000007ff`001a5a12 : 00000001`00000000 000007ff`001b8140 000007ff`001b8140 00000000`0fb2dda0 : 0x7ff`001a5c34
000007ff`00187109 : 000007ff`00187104 00000000`00000046 00000000`0fb24000 00000000`04af0ed0 : 0x7ff`001a5a12
000007fe`f73f30c8 : 00000001`3fb398f8 00000001`3fb39990 00000000`00000000 00000000`00000000 : 0x7ff`00187109
000007fe`f9859714 : 00000000`ffd991a0 00000001`bfdc30d0 00000000`00000000 00000000`00000000 : mscorlib_ni+0x3830c8
000007fe`f9859829 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e038 00000000`00000002 00000000`0fb2e050 00000000`0fb2e248 : clr!LogHelp_LogAssert+0x25b19
000007fe`f998878a : 00000001`3fb39cd8 00000000`00000000 00000000`0fb2e4b8 00000000`0fb2e2f0 : clr!LogHelp_LogAssert+0x25b95
000007fe`f99885b1 : 00000001`3fb39cd8 00000000`025800c8 00000000`04af0ed0 00000000`025800c8 : clr!PreBindAssemblyEx+0x595c6
000007fe`f73e17b1 : 00000001`3fb39990 00000001`bfdc3090 00000001`ffb46070 00000000`00000000 : clr!PreBindAssemblyEx+0x593ed
000007fe`f73e16fb : 00000001`3fb39990 000007fe`f986200f 00000000`0fb2e558 00000000`00000000 : mscorlib_ni+0x3717b1
000007fe`f7476e5d : 000007ff`001b2020 00000000`000001be 00000001`3fb39990 00000000`0fb2e8d0 : mscorlib_ni+0x3716fb
000007fe`f9859714 : 00000001`3fb399b8 000007fe`f9838477 00000000`00000000 00000000`00000000 : mscorlib_ni+0x406e5d
000007fe`f9859829 : 00000000`00000000 00000000`00000000 000007fe`f7a35cf0 00000000`00000000 : clr!LogHelp_LogAssert+0x25a04
000007fe`f98598a5 : 00000000`0fb2e8c8 00000000`00000001 00000000`0fb2e8d0 00000000`0fb2eb20 : clr!LogHelp_LogAssert+0x25b19
000007fe`f9859d88 : 00000000`0fb2eb18 000007fe`f7374860 00000000`0fb2ebb0 000007fe`f713cd7c : clr!LogHelp_LogAssert+0x25b95
000007fe`f9a198a0 : 00000000`0fb2f380 00000000`0fb2eba0 00000000`0fb2f420 000007fe`f754dea0 : clr!LogHelp_LogAssert+0x26078
000007fe`f9869402 : 00000000`00000000 00000000`0fb2f380 00000000`04af0ed0 00000000`00000001 : clr!ClrCreateManagedInstance+0x1d00
000007fe`f9869397 : 00000000`00000000 00000000`770400e0 00000000`0fb2ee60 00000000`00392c70 : clr!LogHelp_LogAssert+0x356f2
000007fe`f9869304 : 00000000`04af12d0 000007fe`f986a0be ffffffff`fffffffe 00000000`003981f4 : clr!LogHelp_LogAssert+0x35687
000007fe`f9869604 : 00000000`0fb2f128 00000000`04af0ed0 00000000`00000000 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9c3305a : 00000000`00000000 00000000`02463320 00000000`0257ffc0 000007fe`fd2fb002 : clr!LogHelp_LogAssert+0x358f4
000007fe`f9869638 : 00000000`00000002 00000000`0fb2f380 00000000`0fb2f380 00000000`04af0ed0 : clr!CreateAssemblyConfigCookie+0x9faca
000007fe`f9869397 : 00000000`00000000 00000000`04af0ed0 ffffffff`fffffffe 00000000`04af0ed0 : clr!LogHelp_LogAssert+0x35928
000007fe`f9869304 : 00000000`00000048 00000000`00000001 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x35687
000007fe`f986945b : ffffffff`ffffffff 00000000`04af0ed0 00000000`00000000 00000000`00000000 : clr!LogHelp_LogAssert+0x355f4
000007fe`f9a196f0 : 00000000`04af0ed0 00000000`0fb2f840 00000000`00000001 00000000`00000000 : clr!LogHelp_LogAssert+0x3574b
000007fe`f998a7c2 : 00000000`04ac1960 00000000`0fb2f438 00000000`04af0ed0 00000000`00000000 : clr!ClrCreateManagedInstance+0x1b50
00000000`76e3652d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : clr!PreBindAssemblyEx+0x5b5fe
00000000`7706c521 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21
OS Thread Id: 0x39f0 (30)
Child SP IP Call Site
000000000fb2ced8 000007fefd2fcacd [HelperMethodFrame: 000000000fb2ced8]
000000000fb2d020 000007fef7a61233 System.Security.CodeAccessSecurityEngine.ThrowSecurityException(System.Reflection.RuntimeAssembly, System.Security.PermissionSet, System.Security.PermissionSet, System.RuntimeMethodHandleInternal, System.Security.Permissions.SecurityAction, System.Object, System.Security.IPermission)
000000000fb2d0b0 000007fef7a61515 System.Security.CodeAccessSecurityEngine.CheckHelper(System.Security.PermissionSet, System.Security.PermissionSet, System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal, System.Object, System.Security.Permissions.SecurityAction, Boolean)
000000000fb2d120 000007fef7b0f6e2 System.Security.PermissionListSet.CheckDemand(System.Security.CodeAccessPermission, System.Security.PermissionToken, System.RuntimeMethodHandleInternal)
000000000fb2d518 000007fef9859714 [GCFrame: 000000000fb2d518]
000000000fb2d6d0 000007fef9859714 [GCFrame: 000000000fb2d6d0]
000000000fb2d828 000007fef9859714 [GCFrame: 000000000fb2d828]
000000000fb2d8d8 000007fef9859714 [DebuggerSecurityCodeMarkFrame: 000000000fb2d8d8]
000000000fb2d9b8 000007fef9859714 [HelperMethodFrame: 000000000fb2d9b8] System.StubHelpers.StubHelpers.BeginStandalone(IntPtr, IntPtr, Int32)
000000000fb2dc08 000007fef67af41f [NDirectMethodFrameStandalone: 000000000fb2dc08] Microsoft.Win32.NativeMethods.GetCurrentProcessId()
000000000fb2dbd0 000007fef67af41f DomainNeutralILStubClass.IL_STUB_PInvoke()
000000000fb2dc90 000007fef67a38e6 System.Diagnostics.Process.GetCurrentProcess()
000000000fb2dce0 000007ff001a5c34 Oracle.DataAccess.Client.OracleTuningAgent.GetCurrentVirtualMemorySize()
000000000fb2dd30 000007ff001a5a12 Oracle.DataAccess.Client.OracleTuningAgent.DoScan()
000000000fb2dd80 000007ff00187109 Oracle.DataAccess.Client.OracleTuningAgent.TuningFunction()
000000000fb2de10 000007fef73f30c8 System.Threading.ExecutionContext.runTryCode(System.Object)
000000000fb2e538 000007fef9859714 [HelperMethodFrame_PROTECTOBJ: 000000000fb2e538] System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
000000000fb2e660 000007fef73e17b1 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
000000000fb2e6c0 000007fef73e16fb System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
000000000fb2e710 000007fef7476e5d System.Threading.ThreadHelper.ThreadStart()
000000000fb2eb68 000007fef9859714 [GCFrame: 000000000fb2eb68]
000000000fb2ef50 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2ef50]
000000000fb2f128 000007fef9859714 [ContextTransitionFrame: 000000000fb2f128]
000000000fb2f310 000007fef9859714 [DebuggerU2MCatchHandlerFrame: 000000000fb2f310]
我按照 ODP.NET 自述文件中的说明将 OraclePermission 添加到 web_mediumtrust.config(32 位和 64 位),但我仍然遇到相同的错误。
关于如何让 ODP.NET 与“中等信任”一起正常工作的任何想法?
这是我的 web_mediumtrust.config:
<configuration>
<mscorlib>
<security>
<policy>
<PolicyLevel version="1">
<SecurityClasses>
<SecurityClass Name="AllMembershipCondition" Description="System.Security.Policy.AllMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="AspNetHostingPermission" Description="System.Web.AspNetHostingPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="DnsPermission" Description="System.Net.DnsPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="EnvironmentPermission" Description="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="FileIOPermission" Description="System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="FirstMatchCodeGroup" Description="System.Security.Policy.FirstMatchCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="IsolatedStorageFilePermission" Description="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="NamedPermissionSet" Description="System.Security.NamedPermissionSet" />
<SecurityClass Name="PrintingPermission" Description="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="SmtpPermission" Description="System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="SqlClientPermission" Description="System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="StrongNameMembershipCondition" Description="System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="TypeDescriptorPermission" Description="System.Security.Permissions.TypeDescriptorPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="UIPermission" Description="System.Security.Permissions.UIPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="UnionCodeGroup" Description="System.Security.Policy.UnionCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="UrlMembershipCondition" Description="System.Security.Policy.UrlMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="ZoneMembershipCondition" Description="System.Security.Policy.ZoneMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="ReflectionPermission" Description="System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="OraclePermission" Description="System.Data.OracleClient.OraclePermission, System.Data.OracleClient, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</SecurityClasses>
<NamedPermissionSets>
<PermissionSet class="NamedPermissionSet" version="1" Unrestricted="true" Name="FullTrust" Description="Allows full access to all resources" />
<PermissionSet class="NamedPermissionSet" version="1" Name="Nothing" Description="Denies all resources, including the right to execute" />
<PermissionSet class="NamedPermissionSet" version="1" Name="ASP.Net">
<IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
<IPermission class="DnsPermission" version="1" Unrestricted="true" />
<IPermission class="EnvironmentPermission" version="1" Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
<IPermission class="FileIOPermission" version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
<IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" />
<IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" />
<IPermission class="SecurityPermission" version="1" Flags="Execution, ControlThread, ControlPrincipal, RemotingConfiguration" />
<IPermission class="SmtpPermission" version="1" Access="Connect" />
<IPermission class="SqlClientPermission" version="1" Unrestricted="true" />
<IPermission class="TypeDescriptorPermission" version="1" Unrestricted="true" />
<IPermission class="WebPermission" version="1" Unrestricted="true" />
<IPermission class="ReflectionPermission" version="1" Flags="RestrictedMemberAccess" />
<IPermission class="OraclePermission" version="1" Unrestricted="true" />
<IPermission class="Oracle.DataAccess.Client.OraclePermission, Oracle.DataAccess, Version=4.112.2.0, Culture=neutral, PublicKeyToken=89b483f429c47342" version="1" Unrestricted="true" />
</PermissionSet>
</NamedPermissionSets>
<CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="Nothing">
<IMembershipCondition class="AllMembershipCondition" version="1" />
<CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
<IMembershipCondition class="UrlMembershipCondition" version="1" Url="$AppDirUrl$/*" />
</CodeGroup>
<CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="ASP.Net">
<IMembershipCondition class="UrlMembershipCondition" version="1" Url="$CodeGen$/*" />
</CodeGroup>
</CodeGroup>
</PolicyLevel>
</policy>
</security>
</mscorlib>
</configuration>
最佳答案
从错误消息来看,我相信这里发生的事情是在应用程序运行时,ODP.net 库在某个时候在单独的线程上生成 OracleTuningAgent。当 OracleTuningAgent 正在执行时,它会调用:
System.Diagnostics.Process.GetCurrentProcess()
调用 GetCurrentProcess requires Full Trust ,当您在中等信任下运行时会导致 SecurityException。由于异常没有发生在请求线程上并且未被处理,it causes the web application to recycle (见风险 #1)。
为了确定,我创建了一个测试 Web 应用程序并将其设置为中等信任度。然后我尝试调用 System.Diagnostics.Process.GetCurrentProcess(),但出现以下异常:
Security Exception
The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request failed.
我也尝试了 High Trust 并得到了相同的结果。在 Full Trust 下运行,我的测试应用运行良好。
所以要回答所问的问题,似乎 ODP.net 导致 w3wp 在中等信任下崩溃,因为对 Process.GetCurrentProcess() 的调用需要完全信任。如果有某种方式,您可能能够让您的代码在 Medium Trust 下工作:
- 配置 .NET,以便对
Process.GetCurrentProcess()的调用可以在 Medium Trust 下工作
(我试过但想不出办法,但这肯定不行'不是说不可能),或者 - 关闭ODP.net中的
OracleTuningAgent
关于c# - 中等信任下的 ODP.net 访问违规,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9068789/