Mark all non-serializable fields

TypeName: MarkAllNonSerializableFields

CheckId: CA2235

Category: Microsoft.Usage

Breaking Change: NonBreaking

Cause

An instance field of a type that is not serializable is declared in a type that is serializable.

Rule Description

A serializable type is one that is marked with the System.SerializableAttribute attribute. When the type is serialized, a System.Runtime.Serialization.SerializationException exception is thrown if the type contains an instance field of a type that is not serializable.

How to Fix Violations

To fix a violation of this rule, apply the System.NonSerializedAttribute attribute to the field that is not serializable.

When to Exclude Warnings

Only exclude a warning from this rule if a System.Runtime.Serialization.ISerializationSurrogate type is declared that allows instances of the field to be serialized and deserialized.

Example

The following example, given first in Visual Basic and then in C#, shows a type that violates the rule and a type that satisfies the rule.

Imports System
Imports System.Runtime.Serialization

Namespace UsageLibrary

   Public Class Mouse
   
      Dim buttons As Integer
      Dim scanTypeValue As String

      ReadOnly Property NumberOfButtons As Integer
         Get
            Return buttons
         End Get
      End Property

      ReadOnly Property ScanType As String
         Get
            Return scanTypeValue
         End Get
      End Property

      Sub New(numberOfButtons As Integer, scanType As String)
         buttons = numberOfButtons
         scanTypeValue = scanType
      End Sub

   End Class

   <SerializableAttribute> _ 
   Public Class InputDevices1
   
      ' Violates MarkAllNonSerializableFields.
      Dim opticalMouse As Mouse 

      Sub New()
         opticalMouse = New Mouse(5, "optical") 
      End Sub

   End Class

   <SerializableAttribute> _ 
   Public Class InputDevices2
   
      ' Satisfies MarkAllNonSerializableFields.
      <NonSerializedAttribute> _ 
      Dim opticalMouse As Mouse 

      Sub New()
         opticalMouse = New Mouse(5, "optical") 
      End Sub

   End Class

End Namespace

using System;
using System.Runtime.Serialization;

namespace UsageLibrary
{
   public class Mouse
   {
      int buttons;
      string scanTypeValue;

      public int NumberOfButtons
      {
         get { return buttons; }
      }

      public string ScanType
      {
         get { return scanTypeValue; }
      }

      public Mouse(int numberOfButtons, string scanType)
      {
         buttons = numberOfButtons;
         scanTypeValue = scanType;
      }
   }

   [SerializableAttribute]
   public class InputDevices1
   {
      // Violates MarkAllNonSerializableFields.
      Mouse opticalMouse;

      public InputDevices1()
      {
         opticalMouse = new Mouse(5, "optical"); 
      }
   }

   [SerializableAttribute]
   public class InputDevices2
   {
      // Satisfies MarkAllNonSerializableFields.
      [NonSerializedAttribute]
      Mouse opticalMouse;

      public InputDevices2()
      {
         opticalMouse = new Mouse(5, "optical"); 
      }
   }
}
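
The check this rule performs can be approximated at run time with reflection. The following is an added example, not code from the original page or from the analyzer itself: SerializableFieldCheck and FindViolations are hypothetical names, and the sample types are constructed to mirror InputDevices1 and InputDevices2 above.

```csharp
using System;
using System.Collections.Generic;
using System.Reflection;

// Constructed sample types mirroring the page's example.
public class Mouse { }

[Serializable]
public class InputDevices1
{
    Mouse opticalMouse = new Mouse();                  // reported
}

[Serializable]
public class InputDevices2
{
    [NonSerialized] Mouse opticalMouse = new Mouse();  // excluded from serialization
    int portCount = 2;                                 // int is serializable
}

public static class SerializableFieldCheck
{
    // Hypothetical helper: lists instance fields declared on a [Serializable] type
    // whose type is not serializable and which lack [NonSerialized].
    // Newer .NET SDKs mark IsSerializable/IsNotSerialized obsolete; they still report the flags.
    public static List<FieldInfo> FindViolations(Type type)
    {
        var violations = new List<FieldInfo>();
        if (!type.IsSerializable) return violations;   // rule applies to serializable types only

        const BindingFlags flags = BindingFlags.Instance | BindingFlags.Public |
                                   BindingFlags.NonPublic | BindingFlags.DeclaredOnly;
        foreach (FieldInfo field in type.GetFields(flags))
        {
            if (field.IsNotSerialized) continue;       // field is already marked [NonSerialized]
            Type fieldType = field.FieldType;
            // For arrays, the element type decides whether serialization can succeed.
            while (fieldType.HasElementType) fieldType = fieldType.GetElementType();
            // Interface-typed fields are skipped: the runtime object decides, not the declaration.
            if (!fieldType.IsInterface && !fieldType.IsSerializable) violations.Add(field);
        }
        return violations;
    }

    public static void Main()
    {
        foreach (Type t in new[] { typeof(InputDevices1), typeof(InputDevices2) })
            foreach (FieldInfo f in FindViolations(t))
                Console.WriteLine("{0}.{1}: field type {2} is not serializable",
                                  t.Name, f.Name, f.FieldType.Name);
    }
}
```

A field marked with NonSerializedAttribute is not written to the stream, so it holds its default value (null for a reference type such as Mouse) after deserialization unless the type restores it.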

Related Rules

Call base class methods on ISerializable types

Implement ISerializable correctly

Implement serialization constructors

Implement serialization methods correctly

Mark ISerializable types with serializable

Provide deserialization methods for optional fields

Secure GetObjectData overrides

Secure serialization constructors