BinaryFormatter.UnsafeDeserialize(Stream, HeaderHandler) 方法

定义

将指定的流反序列化为对象图形。Deserializes the specified stream into an object graph. 所提供的 HeaderHandler 处理该流中的任何标题。The provided HeaderHandler handles any headers in that stream.

public:
 System::Object ^ UnsafeDeserialize(System::IO::Stream ^ serializationStream, System::Runtime::Remoting::Messaging::HeaderHandler ^ handler);
[System.Runtime.InteropServices.ComVisible(false)]
public object UnsafeDeserialize (System.IO.Stream serializationStream, System.Runtime.Remoting.Messaging.HeaderHandler handler);
[System.Runtime.InteropServices.ComVisible(false)]
[System.Security.SecurityCritical]
public object UnsafeDeserialize (System.IO.Stream serializationStream, System.Runtime.Remoting.Messaging.HeaderHandler handler);
member this.UnsafeDeserialize : System.IO.Stream * System.Runtime.Remoting.Messaging.HeaderHandler -> obj
Public Function UnsafeDeserialize (serializationStream As Stream, handler As HeaderHandler) As Object

参数

serializationStream
Stream

要从其中反序列化对象图形的流。The stream from which to deserialize the object graph.

handler
HeaderHandler

处理 HeaderHandler 中的任何标题的 serializationStreamThe HeaderHandler that handles any headers in the serializationStream. 可以为 nullCan be null.

返回

反序列化的对象或对象图形的顶级对象(根)。The deserialized object or the top object (root) of the object graph.

属性

异常

serializationStreamnullThe serializationStream is null.

serializationStream 支持查找,但其长度为 0。The serializationStream supports seeking, but its length is 0.

调用方没有所要求的权限。The caller does not have the required permission.

注解

标头仅用于特定的远程处理应用程序。Headers are used only for specific remoting applications.

此方法使用 SecurityAction.LinkDemand 来防止不受信任的代码调用该方法;只有直接调用方才需要具有 SecurityPermissionAttribute.SerializationFormatter 权限。This method uses SecurityAction.LinkDemand to prevent it from being called from untrusted code; only the immediate caller is required to have SecurityPermissionAttribute.SerializationFormatter permission. 如果你的代码可从部分受信任的代码调用,请不要使用此方法。Do not use this method if your code can be called from partially trusted code. 在部分受信任的方案中,改用 DeserializeIn partially trusted scenarios, use Deserialize instead. 在完全信任的情况下,UnsafeDeserializeDeserialize提供更好的性能。In full trust scenarios, UnsafeDeserialize provides better performance than Deserialize.

若要成功进行反序列化,流中的当前位置必须位于对象图的开头。For successful deserialization, the current position in the stream must be at the beginning of the object graph.

重要

使用不受信任的数据调用此方法存在安全风险。Calling this method with untrusted data is a security risk. 仅使用受信任的数据调用此方法。Call this method only with trusted data. 有关详细信息,请参阅数据验证For more information, see Data Validation.

适用于