Remove the use of BinaryFormatter in PSRP serialization (PowerShell#17133)

Author: jborean93

src/System.Management.Automation/engine/remoting/common/WireDataFormat/EncodeAndDecode.cs

@@ -1601,8 +1601,6 @@ internal static RemoteDataObject GenerateClientSessionCapability(RemoteSessionCa
                 Guid runspacePoolId)
         {
             PSObject temp = GenerateSessionCapability(capability);
-            temp.Properties.Add(
-                new PSNoteProperty(RemoteDataNameStrings.TimeZone, RemoteSessionCapability.GetCurrentTimeZoneInByteFormat()));
             return RemoteDataObject.CreateFrom(capability.RemotingDestination,
                 RemotingDataType.SessionCapability, runspacePoolId, Guid.Empty, temp);
         }
@@ -2373,24 +2371,6 @@ internal static RemoteSessionCapability GetSessionCapability(object data)
                 RemotingDestination.InvalidDestination,
                 protocolVersion, psVersion, serializationVersion);
 
-            if (dataAsPSObject.Properties[RemoteDataNameStrings.TimeZone] != null)
-            {
-                // Binary deserialization of timezone info via BinaryFormatter is unsafe,
-                // so don't deserialize any untrusted client data using this API.
-                //
-                // In addition, the binary data being sent by the client doesn't represent
-                // the client's current TimeZone unless they somehow accessed the
-                // StandardName and DaylightName. These properties are initialized lazily
-                // by the .NET Framework, and would be populated by the server with local
-                // values anyways.
-                //
-                // So just return the CurrentTimeZone.
-
-#if !CORECLR // TimeZone Not In CoreCLR
-                result.TimeZone = TimeZone.CurrentTimeZone;
-#endif
-            }
-
             return result;
         }
 

src/System.Management.Automation/engine/remoting/common/WireDataFormat/RemoteSessionCapability.cs

@@ -5,7 +5,6 @@
 using System.IO;
 using System.Management.Automation.Host;
 using System.Management.Automation.Internal.Host;
-using System.Runtime.Serialization.Formatters.Binary;
 
 using Dbg = System.Management.Automation.Diagnostics;
 
@@ -25,8 +24,6 @@ internal class RemoteSessionCapability
         private readonly Version _serversion;
         private Version _protocolVersion;
         private readonly RemotingDestination _remotingDestination;
-        private static byte[] _timeZoneInByteFormat;
-        private TimeZoneInfo _timeZone;
 
         #endregion
 
@@ -91,64 +88,6 @@ internal static RemoteSessionCapability CreateServerCapability()
         {
             return new RemoteSessionCapability(RemotingDestination.Client);
         }
-
-        /// <summary>
-        /// This is static property which gets Current TimeZone in byte format
-        /// by using ByteFormatter.
-        /// This is static to make client generate this only once.
-        /// </summary>
-        internal static byte[] GetCurrentTimeZoneInByteFormat()
-        {
-            if (_timeZoneInByteFormat == null)
-            {
-                Exception e = null;
-                try
-                {
-                    BinaryFormatter formatter = new BinaryFormatter();
-                    using (MemoryStream stream = new MemoryStream())
-                    {
-#pragma warning disable SYSLIB0011
-                        formatter.Serialize(stream, TimeZoneInfo.Local);
-#pragma warning restore SYSLIB0011
-                        stream.Seek(0, SeekOrigin.Begin);
-                        byte[] result = new byte[stream.Length];
-                        stream.Read(result, 0, (int)stream.Length);
-                        _timeZoneInByteFormat = result;
-                    }
-                }
-                catch (ArgumentNullException ane)
-                {
-                    e = ane;
-                }
-                catch (System.Runtime.Serialization.SerializationException sre)
-                {
-                    e = sre;
-                }
-                catch (System.Security.SecurityException se)
-                {
-                    e = se;
-                }
-
-                // if there is any exception serializing the timezone information
-                // ignore it and dont try to serialize again.
-                if (e != null)
-                {
-                    _timeZoneInByteFormat = Array.Empty<byte>();
-                }
-            }
-
-            return _timeZoneInByteFormat;
-        }
-
-        /// <summary>
-        /// Gets the TimeZone of the destination machine. This may be null.
-        /// </summary>
-        internal TimeZoneInfo TimeZone
-        {
-            get { return _timeZone; }
-
-            set { _timeZone = value; }
-        }
     }
 
     /// <summary>

src/System.Management.Automation/engine/remoting/fanin/PSPrincipal.cs

@@ -18,9 +18,8 @@ namespace System.Management.Automation.Remoting
     /// <summary>
     /// This class is used in the server side remoting scenarios. This class
     /// holds information about the incoming connection like:
-    /// (a) Client's TimeZone
-    /// (b) Connecting User information
-    /// (c) Connection String used by the user to connect to the server.
+    /// (a) Connecting User information
+    /// (b) Connection String used by the user to connect to the server.
     /// </summary>
     [Serializable]
     public sealed class PSSenderInfo : ISerializable
@@ -81,8 +80,6 @@ private PSSenderInfo(SerializationInfo info, StreamingContext context)
                 UserInfo = senderInfo.UserInfo;
                 ConnectionString = senderInfo.ConnectionString;
                 _applicationArguments = senderInfo._applicationArguments;
-
-                ClientTimeZone = senderInfo.ClientTimeZone;
             }
             catch (Exception)
             {
@@ -129,11 +126,7 @@ public PSPrincipal UserInfo
         /// <summary>
         /// Contains the TimeZone information from the client machine.
         /// </summary>
-        public TimeZoneInfo ClientTimeZone
-        {
-            get;
-            internal set;
-        }
+        public TimeZoneInfo ClientTimeZone => null;
 
         /// <summary>
         /// Connection string used by the client to connect to the server. This is

src/System.Management.Automation/engine/remoting/server/serverremotesession.cs

@@ -749,13 +749,6 @@ private void HandleCreateRunspacePool(object sender, RemoteDataEventArgs createR
             RemoteDataObject<PSObject> rcvdData = createRunspaceEventArg.ReceivedData;
             Dbg.Assert(rcvdData != null, "rcvdData must be non-null");
 
-            // set the PSSenderInfo sent in the first packets
-            // This is used by the initial session state configuration providers like Exchange.
-            if (Context != null)
-            {
-                _senderInfo.ClientTimeZone = Context.ClientCapability.TimeZone;
-            }
-
             _senderInfo.ApplicationArguments = RemotingDecoder.GetApplicationArguments(rcvdData.Data);
 
             // Get Initial Session State from custom session config suppliers

src/System.Management.Automation/engine/serialization.cs

@@ -7212,7 +7212,6 @@ internal static PSSenderInfo RehydratePSSenderInfo(PSObject pso)
 
             PSSenderInfo senderInfo = new PSSenderInfo(psPrincipal, GetPropertyValue<string>(pso, "ConnectionString"));
 
-            senderInfo.ClientTimeZone = TimeZoneInfo.Local;
             senderInfo.ApplicationArguments = GetPropertyValue<PSPrimitiveDictionary>(pso, "ApplicationArguments");
 
             return senderInfo;