BinaryFormatter.Deserialize Method
Definition
Deserializes a stream into an object graph.
Overloads
Deserialize(Stream) | Obsolete. Deserializes the specified stream into an object graph.
Deserialize(Stream, HeaderHandler) | Deserializes the specified stream into an object graph. The provided HeaderHandler handles any headers in that stream.
Remarks
Important
Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.
Deserialize(Stream)
- Source:
- BinaryFormatter.Core.cs
Caution
BinaryFormatter serialization is obsolete and should not be used. See https://aka.ms/binaryformatter for more information.
Deserializes the specified stream into an object graph.
public:
virtual System::Object ^ Deserialize(System::IO::Stream ^ serializationStream);
[System.Obsolete("BinaryFormatter serialization is obsolete and should not be used. See https://aka.ms/binaryformatter for more information.", DiagnosticId="SYSLIB0011", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public object Deserialize (System.IO.Stream serializationStream);
[<System.Obsolete("BinaryFormatter serialization is obsolete and should not be used. See https://aka.ms/binaryformatter for more information.", DiagnosticId="SYSLIB0011", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
abstract member Deserialize : System.IO.Stream -> obj
override this.Deserialize : System.IO.Stream -> obj
Public Function Deserialize (serializationStream As Stream) As Object
Parameters
- serializationStream
- Stream
The stream from which to deserialize the object graph.
Returns
The top (root) of the object graph.
Implements
- Attributes
Exceptions
The serializationStream is null.
The serializationStream supports seeking, but its length is 0.
-or-
The input stream does not represent a well-formed BinaryFormatter serialized payload.
-or-
An error occurred while deserializing an object from the input stream. The InnerException property may contain more information about the root cause.
The caller does not have the required permission.
ASP.NET Core 5-8: Always thrown unless BinaryFormatter functionality is re-enabled in the project file. For more information, see Resolving BinaryFormatter obsoletion and disablement errors.
.NET 9 and later versions: In all cases. For more information, see BinaryFormatter migration guide.
Remarks
Warning
BinaryFormatter is insecure and can't be made secure. For more information, see the BinaryFormatter security guide.
For successful deserialization, the current position in the stream must be at the beginning of the object graph.
Important
Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.
Deserialize(Stream, HeaderHandler)
Deserializes the specified stream into an object graph. The provided HeaderHandler handles any headers in that stream.
public:
virtual System::Object ^ Deserialize(System::IO::Stream ^ serializationStream, System::Runtime::Remoting::Messaging::HeaderHandler ^ handler);
public object Deserialize (System.IO.Stream serializationStream, System.Runtime.Remoting.Messaging.HeaderHandler handler);
abstract member Deserialize : System.IO.Stream * System.Runtime.Remoting.Messaging.HeaderHandler -> obj
override this.Deserialize : System.IO.Stream * System.Runtime.Remoting.Messaging.HeaderHandler -> obj
Public Function Deserialize (serializationStream As Stream, handler As HeaderHandler) As Object
Parameters
- serializationStream
- Stream
The stream from which to deserialize the object graph.
- handler
- HeaderHandler
The HeaderHandler that handles any headers in the serializationStream. Can be null.
Returns
The deserialized object or the top object (root) of the object graph.
Implements
Exceptions
The serializationStream is null.
The serializationStream supports seeking, but its length is 0.
-or-
The target type is a Decimal, but the value is out of range of the Decimal type.
The caller does not have the required permission.
Remarks
Warning
BinaryFormatter is insecure and can't be made secure. For more information, see the BinaryFormatter security guide.
Headers are used only for specific remoting applications.
For deserialization to succeed, the current position in the stream must be at the beginning of the object graph.
Important
Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.
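As an added example for the warnings above (not code from the .NET documentation), the following C# reads untrusted input with System.Text.Json into a type fixed by the caller instead of calling BinaryFormatter.Deserialize. It assumes the data can be stored as JSON; AppSettings, SafeLoader, MaxPayloadBytes and the 0 to 10 RetryCount range are hypothetical names and limits chosen for the example.

```csharp
// Added example, not from the .NET documentation. AppSettings, SafeLoader,
// MaxPayloadBytes and the RetryCount range are hypothetical.
using System;
using System.IO;
using System.Text;
using System.Text.Json;

public sealed class AppSettings
{
    public string Theme { get; set; } = "light";
    public int RetryCount { get; set; }
}

public static class SafeLoader
{
    private const int MaxPayloadBytes = 64 * 1024; // assumed cap for this data
    private static readonly JsonSerializerOptions Options = new() { MaxDepth = 16 };

    // Stands in for: (AppSettings)new BinaryFormatter().Deserialize(stream)
    // The caller fixes the target type, so the payload cannot name types to create.
    public static AppSettings Load(Stream stream)
    {
        ArgumentNullException.ThrowIfNull(stream);
        using var buffer = new MemoryStream();
        var chunk = new byte[4096];
        int read;
        while ((read = stream.Read(chunk, 0, chunk.Length)) > 0)
        {
            buffer.Write(chunk, 0, read);
            if (buffer.Length > MaxPayloadBytes) // reject oversized input early
                throw new InvalidDataException("Payload exceeds the size limit.");
        }
        // Malformed JSON raises JsonException; the literal "null" yields null.
        var settings = JsonSerializer.Deserialize<AppSettings>(buffer.ToArray(), Options);
        if (settings is null || settings.RetryCount is < 0 or > 10)
            throw new InvalidDataException("Settings failed validation.");
        return settings;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample input for the example.
        byte[] json = Encoding.UTF8.GetBytes("{\"Theme\":\"dark\",\"RetryCount\":3}");
        AppSettings s = SafeLoader.Load(new MemoryStream(json));
        Console.WriteLine($"{s.Theme} / {s.RetryCount}");
    }
}
```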