BinaryFormatter.UnsafeDeserialize(Stream, HeaderHandler) Method

Definition

Namespace:

System.Runtime.Serialization.Formatters.Binary

Assembly:

mscorlib.dll

Deserializes the specified stream into an object graph. The provided HeaderHandler handles any headers in that stream.

public:
 System::Object ^ UnsafeDeserialize(System::IO::Stream ^ serializationStream, System::Runtime::Remoting::Messaging::HeaderHandler ^ handler);

[System.Runtime.InteropServices.ComVisible(false)]
[System.Security.SecurityCritical]
public object UnsafeDeserialize (System.IO.Stream serializationStream, System.Runtime.Remoting.Messaging.HeaderHandler handler);

[<System.Runtime.InteropServices.ComVisible(false)>]
[<System.Security.SecurityCritical>]
member this.UnsafeDeserialize : System.IO.Stream * System.Runtime.Remoting.Messaging.HeaderHandler -> obj

Public Function UnsafeDeserialize (serializationStream As Stream, handler As HeaderHandler) As Object

Parameters

serializationStream

Stream

The stream from which to deserialize the object graph.

handler

HeaderHandler

The HeaderHandler that handles any headers in the serializationStream. Can be null.

Returns

Object

The deserialized object or the top object (root) of the object graph.

Attributes

ComVisibleAttribute SecurityCriticalAttribute

Exceptions

ArgumentNullException

The serializationStream is null.

SerializationException

The serializationStream supports seeking, but its length is 0.

SecurityException

The caller does not have the required permission.

Remarks

Warning

BinaryFormatter is insecure and can't be made secure. For more information, see the BinaryFormatter security guide.

Headers are used only for specific remoting applications.

For successful deserialization, the current position in the stream must be at the beginning of the object graph.

Important

Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.