Last Updated:

Common Language Runtime (CLR)

The runtime provides the necessary services at run time for the application. Traditionally, each programming environment has its own runtime environment. Examples of a runtime are the Standard C Library, the Microsoft Base Class Library (MFC), the Visual Basic runtime, and the Java Virtual Machine. The .NET runtime is called the Common Language Runtime (CLR).


Common Language Runtime (CLR)


Managed Code and Data


The Common Language Runtime (CLR) provides the . NET code is a number of services (including the .NET Framework class library, which is hosted on the top layer of the CLR). In order to use these services, . NET code must have predictable behavior and, moreover, be understandable by the common language runtime (CLR). For example, in order for the runtime to validate array boundaries, all arrays in .NET are in the same format. Typical safety requirements may impose on . NET code and other limitations.

Restrictions that are imposed on the . NET code is defined by the Common Type System (CTS), as well as its reatization in the intermediate language IL developed by Microsoft Corporation (Microsoft Intermediate Language – MSIL, or simply IL). The common type system defines types and operations that can be used by code that runs in the common language runtime (CLR). Thus, it is the Common Type System (CTS) that imposes a single inheritance of the implementation on the types used. Code in the intermediate language developed by Microsoft Corporation (Microsoft Intermediate LanguageMSIL) is compiled into the internal (native) code of the platform.

. NET applications contain metadata, that is, a description of the code and data used by the application. By using metadata, you can automatically convert data to serial form by the common language runtime (CLR) when it is saved.

Code that can use services provided by the common language runtime (CLR) is called managed code.

Memory for managed data is allocated and released automatically. This automatic freeing of occupied memory is called a garbage collection. Garbage collection solves all the problems of memory leaks and the like.

Microsoft and the European Computer Manufacturers Association

[European Computer Manufacturers Association (ESMA) also has other names European Computer Manufacturers Association (EAPC) and European Computer Manufacturers Association The European Computer Manufacturers Association develops standards that are followed by most computer and software manufacturers – Editor's note].

Microsoft has submitted the C# language specification and major parts of the .NET Framework class library to the European Computer Manufacturers Association (ESMA) for standardization. The technical requirements of this independent international organization for standards define a platform-independent infrastructure of the universal language CLI (Common Language Infrastructure). The common language runtime (CLR) can be thought of as a Common Language Infrastructure (CLI) supplemented by the Basic Class Libraries (BCL).

The Basic Class Library (BCL) supports the fundamental types of the Common Type System (CTS), namely file I/O, strings, and formatting. Because the common language runtime (CLR) depends on the platform you are using, it uses the process and memory management models of the underlying operating system.

The specification (technical requirements) of the European Computer Manufacturers Association (ESMA) defines a universal intermediate language CIL (Common Intermediate Language). According to these requirements, it is allowed to interpret the code in the intermediate CIL language or compile it into its own (internal) code.

Verifiable code

Managed code can be inspected for typical security. Code that meets the requirements of typical security is not so easy to destroy. For example, data structures or other applications that reside in memory cannot be corrupted by overwriting the buffer. You can apply a security policy to code that meets typical security requirements. For example, access to some files or UI features may be allowed or denied. You can prevent the execution of code whose origin is unknown.

However, not all applications that require the common language runtime (CLR) are required to meet typical security requirements. In particular, this situation is implemented for applications written in C++. Managed code written in C++ can use features provided by the common language runtime (CLR), such as garbage collection. However, because unmanaged code can also be written in C++, there is no guarantee that an application written in C++ will meet the requirements of generic security.

In managed code written in C++, you cannot perform arithmetic operations on managed pointers, or cast the type of a managed pointer to an unmanaged pointer. Therefore, managed code written in C++ can be tested for security. However, it may happen that the same application written in C++ will perform arithmetic operations on pointers or cast the types of managed pointers to unmanaged ones. And this, at its core, is unreliable.