How can we help you today? How can we help you today?

Obfuscation of Serializable type

I've found an issue with SmartAssembly's treatment of serializable types.  If I have code like this in a .EXE assembly:

public enum MyEnum { value1, value2 }

SmartAssembly avoids obfuscating Serializable classes, to prevent problems with deserialization.  But it doesn't seem to follow the object graph properly.  It detects that MyEnum is used in a Serializable type, and so correctly avoids obfuscating the values of MyEnum.  But because MyOtherEnum is used indirectly as a Nullable<MyOtherEnum>, SmartAssembly doesn't pick it up as being used in the Serializable type, obfuscates it, and now I can't deserialize any instance of MySerializableType that was serialized in an unobfuscated (or differently obfuscated) build.

I have to explicitly mark MyOtherEnum as Serializable to prevent it being obfuscated (normally unnecessary because enums are implicitly serializable).

I think SmartAssembly needs to consider generic type parameters when working out what's part of a Serializable class.  If the class contains a Nullable<Something> or a List<Something>, then the "Something" is going to need to remain unobfuscated if you want to avoid problems with serialization.
Andy_L
0

Comments

3 comments

Sort by
  • Russell D
    It's exactly as you've said, and to be honest we're a bit surprised we don't support this. Generics are not well processed. It seems to be relatively easy to fix but we feel it may need consideration about the UI.

    Automatically turning off everything that's correlated to serializable types in an application may introduce disabling obfuscation for a lot of its functionality. Thus the user should be informed when it happens AND/OR we should introduce a SmartAssembly serialization mechanism that will be able to obfuscate and serialize things properly (it may be just some interface-ish API). 

    We'll discuss it and see how to proceed.
    Russell D
    0
  • Andy_L
    Thanks for confirming the situation Russell.  I look forward to hearing your conclusions.
    Andy_L
    0
  • Russell D
    Hi @Andy_L apologies for the length of time this has taken but todays release has fixed this: https://download.red-gate.com/checkforupdates/SmartAssembly/SmartAssembly_7.0.9.2591.exe. Please let me know how you get on.
    Russell D
    0

Add comment

Please sign in to leave a comment.