CA2350: Ensure DataTable.ReadXml()'s input is trusted

Property Value
Rule ID CA2350
Title Ensure DataTable.ReadXml()'s input is trusted
Category Security
Fix is breaking or non-breaking Non-breaking
Enabled by default in .NET 8 No

Cause

The DataTable.ReadXml method was called or referenced.

Rule description

When deserializing a DataTable with untrusted input, an attacker can craft malicious input to perform a denial of service attack. There may be unknown remote code execution vulnerabilities.

For more information, see DataSet and DataTable security guidance.

How to fix violations

  • If possible, use Entity Framework rather than the DataTable.
  • Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.

When to suppress warnings

It's safe to suppress a warning from this rule if:

  • You know the input is trusted. Consider that your application's trust boundary and data flows may change over time.
  • You've taken one of the precautions in How to fix violations.

Suppress a warning

If you just want to suppress a single violation, add preprocessor directives to your source file to disable and then re-enable the rule.

#pragma warning disable CA2350
// The code that's violating the rule is on this line.
#pragma warning restore CA2350

To disable the rule for a file, folder, or project, set its severity to none in the configuration file.

[*.{cs,vb}]
dotnet_diagnostic.CA2350.severity = none

For more information, see How to suppress code analysis warnings.

Pseudo-code examples

Violation

using System.Data;

public class ExampleClass
{
    public DataTable MyDeserialize(string untrustedXml)
    {
        DataTable dt = new DataTable();
        dt.ReadXml(untrustedXml);
    }
}

CA2351: Ensure DataSet.ReadXml()'s input is trusted

CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks

CA2353: Unsafe DataSet or DataTable in serializable type

CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack

CA2355: Unsafe DataSet or DataTable in deserialized object graph

CA2356: Unsafe DataSet or DataTable in web deserialized object graph

CA2361: Ensure autogenerated class containing DataSet.ReadXml() is not used with untrusted data

CA2362: Unsafe DataSet or DataTable in autogenerated serializable type can be vulnerable to remote code execution attacks