• 0

C#] Binary Serialize - Deserialize in another app?


Question

Here's the situation. I developed a Serializable class in one application, and then I binary serialize the info to a file. Using the exact same class in another one of my applications, I cannot deserialize because of some security measures in the .NET framework.

Here's the error I get when dezserializing in the other app:

SerializationException:
Unable to find assembly 'GDB Tester App, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.

Where 'GDB Tester App' is the name of the app that was used for serialization.

How can I workaround these darn security measures?

Thanks in advance.

11 answers to this question

Recommended Posts

  • 0
  Express said:
Thats not a security exception.

586125094[/snapback]

Oh, according to the MSDN documentation it said it was - but you're right. I don't see how it could be very secure.

  Quote
If you serializing custom objects then you should define the custom class in a shared assembly that would refrenced by both the class that deserializes and the class that serializes.

Is there any way I could deserialize with anything (i.e. not just a shared assembly)?

  • 0
  Express said:
You can use Xml Serialization instead.

586125607[/snapback]

Crap. I knew it would all come back to XML. There is a utility to convert XML Schemas (xsd.exe) to C# classes, but is there any utility to write XML schemas? It's very tedious, and an often error prone process.

If not, then I guess I'll have to start crankin' out the verbose and ugly XML by hand.

  • 0
  VB Guy said:
Crap. I knew it would all come back to XML. There is a utility to convert XML Schemas (xsd.exe) to C# classes, but is there any utility to write XML schemas? It's very tedious, and an often error prone process.

If not, then I guess I'll have to start crankin' out the verbose and ugly XML by hand.

586125817[/snapback]

Its not very complicated. You can just tag all your public fields with [XmlAttribute].

  • 0

Personally, I would suggest writing your own binary serialization for the classes that you want to convert into bytes. That's what I normally do. It is more work, but it's easier to maintain (you don't get the problems you're having), and it's faster to read/write the data.

  • 0
  dannysmurf said:
Personally, I would suggest writing your own binary serialization for the classes that you want to convert into bytes. That's what I normally do. It is more work, but it's easier to maintain (you don't get the problems you're having), and it's faster to read/write the data.

586126790[/snapback]

Could you give me a small example on how to do that?

  • 0

Sure. Just convert the objects in the class to their byte equivalents and write the bytes to a file. Say you have a class that represents a person:

public class Person
{
 ? public String FirstName = "";
 ? public String LastName = "";
 ? public Int32 Age = 0;

 ? public Person() {};

 ? public void Serialize(String Filepath)
 ? {
 ? ? ?// Convert the class' data to bytes for writing

 ? ? ?byte[] firstNameBytes = System.Text.Encoding.UTF8.GetBytes(FirstName);
 ? ? ?byte[] lastNameBytes = System.Text.Encoding.UTF8.GetBytes(LastName);
 ? ? ?byte[] ageBytes = System.BitConverter.GetBytes(Age);

 ? ? ?// You'll need to store the lengths of any strings in the file, since strings can be any length. Integers and other numbers have fixed lengths. Integers are four bytes, doubles are eight bytes, etc.

 ? ? ?byte[] fnbLength = BitConverter.GetBytes(firstNameBytes.Length);
 ? ? ?byte[] lnbLength = BitConverter.GetBytes(lastNameBytes.Length);
 ? ? ?
 ? ? ?FileStream fs = new FileStream(Filepath,FileMode.Create,FileAccess.Write);
 ? ? ?// Write any file-identification data you want to here

 ? ? ?// Write the class data into the file.
 ? ? ?fs.Write(fnbLength,0,4);
 ? ? ?fs.Write(firstNameBytes,0,firstNameBytes.Length);
 ? ? ?fs.Write(lnbLength,0,4);
 ? ? ?fs.Write(lastNameBytes,0,lastNameBytes.Length);
 ? ? ?fs.Write(ageBytes,0,4);
 ? ? ?fs.Close();
 ? }

 ? public void Deserialize(String Filepath)
 ? {
 ? ? ?// Create byte array variables for all the known-length entities in the file
 ? ? ?byte[] fnbLength = new byte[4];
 ? ? ?byte[] lnbLength = new byte[4];
 ? ? ?byte[] ageBytes = new byte[4];

 ? ? ?FileStream fs = new FileStream(Filepath,FileMode.Open,FileAccess.Read);
 ? ? ?// Read back the file identification data, if any

 ? ? ?// Read the class data from the file
 ? ? ?fs.Read(fnbLength,0,4);
 ? ? ?byte[] firstNameBytes = new byte[BitConverter.ToInt32(fnbLength,0)];
 ? ? ?fs.Read(firstNameBytes,0,firstNameBytes.Length);
 ? ? ?fs.Read(lnbLength,0,4);
 ? ? ?byte[] lastNameBytes = new byte[BitConverter.ToInt32(lnbLength,0)];
 ? ? ?fs.Read(lastNameBytes,0,lastNameBytes.Length);
 ? ? ?fs.Read(ageBytes,0,4);
 ? ? ?fs.Close();

 ? ? ?// Convert the byte arrays back into useful data
 ? ? ?FirstName = System.Text.Encoding.UTF8.GetString(firstNameBytes);
 ? ? ?LastName = System.Text.Encoding.UTF8.GetString(lastNameBytes);
 ? ? ?Age = BitConverter.ToInt32(ageBytes,0);
 ? }
}

This is a fairly simple, and somewhat incomplete example, and not the best example of good programming style, but it should get you started. This technique, as I said, is a lot more work, because the de/serialization of each class becomes a unique event that you have to specifically program, but it is much faster than .NET binary serialization, and you don't have to make any guesses about what's going on behind the scenes.

There are two problems with this example. First, it's not as fast as it could be. If you use a chunk-based format, it will be a lot faster. And second, this technique does not handle large amounts of data well. Once you get into tens of megabytes, it slows down quite a bit. At that point, .NET binary serialization actually becomes faster, but also much MUCH more memory-intensive since you can't grab just one object out of the file, as you can with this technique. In any case, a chunk-based format (almost) solves the speed problem for large amounts of data as well.

Once you're a bit more familiar with binary file reading/writing, you might also want to take a look at a pseudo-database format (basically, a smaller index file with lots of little objects, each one referencing a single complete object in the main file). If I need to handle large amounts of data, I use an indexed, chunk-based data format, which moves the level at which speed again becomes a problem even further away (handling about 3000 objects in the program at a time with that technique is where the speed and memory again become issues). If you're looking to handle more data than that, you should be looking into a full database.

If you want to look into chunk-based files, take a look at the PNG specification, or I can provide you with a C# example (a real-world example, that I'm using in an app I'm writing). Email me for that.

Edited by dannysmurf
  • 0

Thank you so much. That solution taught me more than the last three C# books I read.

While I was eagerly awaiting your response, I began googling like crazy trying to find any solution that bordered on helpful. The only thing that came close was an article on CodeProject.com that benchmarked some custom serialization and deserialization. The conclusions were similar to yours.

Anyway, I just thought I'd mention that for posterity.

Thank you again for your help.

(P.S. e-mail sent :D )

  • 0

There is a solution to the above problem without seralizing to xml.

https://forums.microsoft.com/msdn/showpost....=0&pageid=1

Credits goes to MM for the below code from the above link. It works beautifully.

	   static constructor() {
			AppDomain.CurrentDomain.AssemblyResolve += new ResolveEventHandler(CurrentDomain_AssemblyResolve);
	   }

		static Assembly CurrentDomain_AssemblyResolve(object sender, ResolveEventArgs args) {
			Assembly ayResult = null;
			string sShortAssemblyName = args.Name.Split(',')[0];
			Assembly[] ayAssemblies = AppDomain.CurrentDomain.GetAssemblies();
			foreach (Assembly ayAssembly in ayAssemblies) {
				if (sShortAssemblyName == ayAssembly.FullName.Split(',')[0]) {
					ayResult = ayAssembly;
					break;
				}
			}
			return ayResult;
		}

  • 0
  dannysmurf said:
Sure. Just convert the objects in the class to their byte equivalents and write the bytes to a file. Say you have a class that represents a person:

public class Person
{
 ? public String FirstName = "";
 ? public String LastName = "";
 ? public Int32 Age = 0;

 ? public Person() {};

 ? public void Serialize(String Filepath)
 ? {
 ? ? ?// Convert the class' data to bytes for writing

 ? ? ?byte[] firstNameBytes = System.Text.Encoding.UTF8.GetBytes(FirstName);
 ? ? ?byte[] lastNameBytes = System.Text.Encoding.UTF8.GetBytes(LastName);
 ? ? ?byte[] ageBytes = System.BitConverter.GetBytes(Age);

 ? ? ?// You'll need to store the lengths of any strings in the file, since strings can be any length. Integers and other numbers have fixed lengths. Integers are four bytes, doubles are eight bytes, etc.

 ? ? ?byte[] fnbLength = BitConverter.GetBytes(firstNameBytes.Length);
 ? ? ?byte[] lnbLength = BitConverter.GetBytes(lastNameBytes.Length);
 ? ? ?
 ? ? ?FileStream fs = new FileStream(Filepath,FileMode.Create,FileAccess.Write);
 ? ? ?// Write any file-identification data you want to here

 ? ? ?// Write the class data into the file.
 ? ? ?fs.Write(fnbLength,0,4);
 ? ? ?fs.Write(firstNameBytes,0,firstNameBytes.Length);
 ? ? ?fs.Write(lnbLength,0,4);
 ? ? ?fs.Write(lastNameBytes,0,lastNameBytes.Length);
 ? ? ?fs.Write(ageBytes,0,4);
 ? ? ?fs.Close();
 ? }

 ? public void Deserialize(String Filepath)
 ? {
 ? ? ?// Create byte array variables for all the known-length entities in the file
 ? ? ?byte[] fnbLength = new byte[4];
 ? ? ?byte[] lnbLength = new byte[4];
 ? ? ?byte[] ageBytes = new byte[4];

 ? ? ?FileStream fs = new FileStream(Filepath,FileMode.Open,FileAccess.Read);
 ? ? ?// Read back the file identification data, if any

 ? ? ?// Read the class data from the file
 ? ? ?fs.Read(fnbLength,0,4);
 ? ? ?byte[] firstNameBytes = new byte[BitConverter.ToInt32(fnbLength,0)];
 ? ? ?fs.Read(firstNameBytes,0,firstNameBytes.Length);
 ? ? ?fs.Read(lnbLength,0,4);
 ? ? ?byte[] lastNameBytes = new byte[BitConverter.ToInt32(lnbLength,0)];
 ? ? ?fs.Read(lastNameBytes,0,lastNameBytes.Length);
 ? ? ?fs.Read(ageBytes,0,4);
 ? ? ?fs.Close();

 ? ? ?// Convert the byte arrays back into useful data
 ? ? ?FirstName = System.Text.Encoding.UTF8.GetString(firstNameBytes);
 ? ? ?LastName = System.Text.Encoding.UTF8.GetString(lastNameBytes);
 ? ? ?Age = BitConverter.ToInt32(ageBytes,0);
 ? }
}

This is a fairly simple, and somewhat incomplete example, and not the best example of good programming style, but it should get you started. This technique, as I said, is a lot more work, because the de/serialization of each class becomes a unique event that you have to specifically program, but it is much faster than .NET binary serialization, and you don't have to make any guesses about what's going on behind the scenes.

There are two problems with this example. First, it's not as fast as it could be. If you use a chunk-based format, it will be a lot faster. And second, this technique does not handle large amounts of data well. Once you get into tens of megabytes, it slows down quite a bit. At that point, .NET binary serialization actually becomes faster, but also much MUCH more memory-intensive since you can't grab just one object out of the file, as you can with this technique. In any case, a chunk-based format (almost) solves the speed problem for large amounts of data as well.

Once you're a bit more familiar with binary file reading/writing, you might also want to take a look at a pseudo-database format (basically, a smaller index file with lots of little objects, each one referencing a single complete object in the main file). If I need to handle large amounts of data, I use an indexed, chunk-based data format, which moves the level at which speed again becomes a problem even further away (handling about 3000 objects in the program at a time with that technique is where the speed and memory again become issues). If you're looking to handle more data than that, you should be looking into a full database.

If you want to look into chunk-based files, take a look at the PNG specification, or I can provide you with a C# example (a real-world example, that I'm using in an app I'm writing). Email me for that.

I need to exchange data between a Pocket PC and a server on a PC. Data must also be saved on hard disk of server PC. As BinaryFormater doesn't exists on Compact Framwork and XML serializer is takes to much memory to process data of our application we need something else. Custom serialisation much faster and robust. I though processing like you said (MemoryStream, etc...) but it is a good idea ?

Else, could you give me much details on CHUNCK-BASED please ? I'm really interested to any suggestion.

Thanks

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Black Myth: Wukong hits Xbox this August, exactly a year after PlayStation launch by Pulasthi Ariyasinghe Developer Game Science delivered one of the biggest action games of all time last year, with Black Myth: Wukong going on to sell tens of millions in its launch month and winning a multitude of awards. However, the title skipped out on a platform it was originally announced to launch in: Xbox. Following a long string of reasons and delays, it seems the port is finally coming to the platform. Today, Game Science announced that the Xbox Series X|S version of Black Myth: Wukong now has a release date, with it landing on August 20, 2025. Pre-orders for the title will become available starting June 18. Interestingly, this Xbox release date is set exactly one year after the original release on PlayStation 5 and PC. Game Science originally stated that the delay was due to technical issues with Xbox consoles. However, Microsoft refuted that claim quickly and alluded that the delay was due to some sort of console exclusivity deal between Game Science and Sony. In today's announcement, Game Science once again says that the delay was due to its work on porting the game to Xbox and meeting its quality standards. "Bringing Black Myth: Wukong to Xbox Series X|S—and ensuring the experience met our internal quality standards—was no easy feat," said the studio today regarding the long delay on Xbox platforms. "Fortunately, we were able to complete this challenging task smoothly within the first year of the game's official release." "If you're an Xbox player who hasn't yet experienced the game on another platform, we're confident it will stand among the finest ARPGs available on Xbox," added Game Science. For those looking to jump into the game a little cheaper than usual, Game Science will be hosting Black Myth: Wukong's first-ever sale on June 18. The 20% off discount will be available across PC, PlayStation, and even the Microsoft Store for the Xbox Series X|S pre-order.
    • And where is "don't be evil"? Oh, yeah, they removed it, too.
    • YouTube isn't a monopoly, it's just the most popular video platform, but other options and competitors do exist. And I'm not defending YouTube here, I'm a subscriber to Geerling's channel and I like his content and YouTube clearly went too far with this, but they can't be considered a monopoly, IMO. https://www.captions.ai/blog-post/youtube-alternatives
    • Harmful to them because it affects their business. *Sigh*
    • TCL 75" 4K Smart TV hits lowest price, now less than £500 by Paul Hill Are you in the UK and looking for a massive 75-inch Ultra HD 4K HDR TV at a relatively affordable price? If so, check out this TCL (75P755K) 75-inch TV now because it’s at its lowest price of just £499.00, down 15% from £589.00. The model in question is slightly older, from 2024, but it’s still an excellent home entertainment upgrade given its feature set and aggressive price point. What you get: Features for the price The feature set of this model is definitely pretty impressive. It supports 4K HDR, wide colour gamut, and multiple HDR formats including HDR10+ and Dolby Vision. It also leverages MEMC (Motion Estimation & Motion Compensation), a proprietary algorithm from TCL that helps to reduce motion display blur and keep motion trails to a minimum. While MEMC will do heavy lifting to ensure the best picture, the TV only has a 60Hz refresh rate, but an effective rate of 120Hz thanks to efforts by TCL. This TCL model features Dolby Atmos 2.0 that immerses you more in whatever you’re watching on the TV. In terms of software, this TV comes with Google TV (based on Android) which is well-known and widely supported, ensuring you can use all the apps you depend on. It also supports Google Assistant, Chromecast, and voice control. The Chromecast support allows you to easily stream from your computer or phone to the TV to share what you’re watching to the people around you. The Google Assistant support can also be good if you have smart home devices around the house that can connect to it. The audio features for this TV are also good and mean you don’t need to buy a separate sound bar immediately. User experience and potential considerations According to What Hi-Fi, which reviewed the smaller 65-inch version of this TV, TCL’s TV delivers when it comes to HDR; gaming features such as low input lag, VRR, and Game Bar; wide colour gamut, and the operating system. What it didn’t like about the TV was the limited brightness, which degraded the HDR in bright rooms; the average motion handling; the lack of bass; the lack of local dimming; and the budget-oriented build quality. Making the smart buy decision If you can overlook its limitations, this TV could be a good pick if you need a new TV in the living room on a budget. If you are a serious gamer looking for a high refresh rate, or someone in a very bright room, then you will probably want to look elsewhere. Amazon is also offering free add-on services including wall mounting and unpack. If you do decide to pick up this TCL TV and find a fault with it, you have 30-days from getting the receipt to return it. TCL 75P755K 75-inch 4K TV: £499 (Amazon UK) - MSRP £589 / 15% off This Amazon deal is U.K. specific, and not available in other regions unless specified. If you don't like it or want to look at more options, check out the Amazon UK deals page here. Get Prime, Prime Video, Music Unlimited, Audible or Kindle Unlimited, free for the first 30 days As an Amazon Associate we earn from qualifying purchases.
  • Recent Achievements

    • Week One Done
      theevergreentree earned a badge
      Week One Done
    • Dedicated
      Fryer Tuck earned a badge
      Dedicated
    • Week One Done
      luxoxfurniture earned a badge
      Week One Done
    • First Post
      Uranus_enjoyer earned a badge
      First Post
    • Week One Done
      Uranus_enjoyer earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      439
    2. 2
      +FloatingFatMan
      247
    3. 3
      snowy owl
      226
    4. 4
      ATLien_0
      212
    5. 5
      Xenon
      152
  • Tell a friend

    Love Neowin? Tell a friend!