Events
17 Mar, 9 pm - 21 Mar, 10 am
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowCA2351: Ensure DataSet.ReadXml()'s input is trusted
| Property | Value |
|---|---|
| Rule ID | CA2351 |
| Title | Ensure DataSet.ReadXml()'s input is trusted |
| Category | Security |
| Fix is breaking or non-breaking | Non-breaking |
| Enabled by default in .NET 9 | No |
The DataSet.ReadXml method was called or referenced, and not within autogenerated code.
This rule classifies autogenerated code b:
- Being inside a method named
ReadXmlSerializable. - The
ReadXmlSerializablemethod has a System.Diagnostics.DebuggerNonUserCodeAttribute. - The
ReadXmlSerializablemethod is within a type that has a System.ComponentModel.DesignerCategoryAttribute.
CA2361 is a similar rule, for when DataSet.ReadXml appears within autogenerated code.
When deserializing a DataSet with untrusted input, an attacker can craft malicious input to perform a denial of service attack. There may be unknown remote code execution vulnerabilities.
For more information, see DataSet and DataTable security guidance.
- If possible, use Entity Framework rather than the DataSet.
- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
It's safe to suppress a warning from this rule if:
- You know the input is trusted. Consider that your application's trust boundary and data flows may change over time.
- You've taken one of the precautions in How to fix violations.
If you just want to suppress a single violation, add preprocessor directives to your source file to disable and then re-enable the rule.
C#
#pragma warning disable CA2351
// The code that's violating the rule is on this line.
#pragma warning restore CA2351
To disable the rule for a file, folder, or project, set its severity to none in the configuration file.
ini
[*.{cs,vb}]
dotnet_diagnostic.CA2351.severity = none
For more information, see How to suppress code analysis warnings.
C#
using System.Data;
public class ExampleClass
{
public DataSet MyDeserialize(string untrustedXml)
{
DataSet dt = new DataSet();
dt.ReadXml(untrustedXml);
}
}
CA2350: Ensure DataTable.ReadXml()'s input is trusted
CA2353: Unsafe DataSet or DataTable in serializable type
CA2355: Unsafe DataSet or DataTable in deserialized object graph
CA2356: Unsafe DataSet or DataTable in web deserialized object graph
CA2361: Ensure autogenerated class containing DataSet.ReadXml() is not used with untrusted data
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
.NET feedback
.NET is an open source project. Select a link to provide feedback: