Поделиться через


CA2139: Transparent methods may not use the HandleProcessCorruptingExceptions attribute

TypeName

TransparentMethodsMustNotHandleProcessCorruptingExceptions

CheckId

CA2139

Category

Microsoft.Security

Breaking Change

Breaking

Cause

A transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute.

Rule Description

This rule fires any method which is transparent and attempts to handle a process corrupting exception by using the HandleProcessCorruptedStateExceptionsAttribute attribute. A process corrupting exception is a CLR version 4.0 exception classification of exceptions such AccessViolationException. The HandleProcessCorruptedStateExceptionsAttribute attribute may only be used by security critical methods, and will be ignored if it is applied to a transparent method. To handle process corrupting exceptions, this method must become security critical or security safe-critical.

How to Fix Violations

To fix a violation of this rule, remove the HandleProcessCorruptedStateExceptionsAttribute attribute, or mark the method with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.

When to Suppress Warnings

Do not suppress a warning from this rule.

Example

In this example, a transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute and will fail the rule. The method should also be marked with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.

using System;
using System.Runtime.InteropServices;
using System.Runtime.ExceptionServices;
using System.Security;

namespace TransparencyWarningsDemo
{

    public class HandleProcessCorruptedStateExceptionClass
    {
        [DllImport("SomeModule.dll")]
        private static extern void NativeCode();

        // CA2139 violation - transparent method attempting to handle a process corrupting exception
        [HandleProcessCorruptedStateExceptions]
        public void HandleCorruptingExceptions()
        {
            try
            {
                NativeCode();
            }
            catch (AccessViolationException) { }
        }
    }

}