CA2139: Transparent methods may not use the HandleProcessCorruptingExceptions attribute
Applies to: 
Visual Studio 
Visual Studio for Mac
Note
This article applies to Visual Studio 2017. If you're looking for the latest Visual Studio documentation, see Visual Studio documentation. We recommend upgrading to the latest version of Visual Studio. Download it here
| Item | Value |
|---|---|
| RuleId | CA2139 |
| Category | Microsoft.Security |
| Breaking change | Breaking |
Cause
A transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute.
Note
This rule has been deprecated. For more information, see Deprecated rules.
Rule description
This rule fires any method which is transparent and attempts to handle a process corrupting exception by using the HandleProcessCorruptedStateExceptionsAttribute attribute. A process corrupting exception is a CLR version 4.0 exception classification of exceptions such AccessViolationException. The HandleProcessCorruptedStateExceptionsAttribute attribute may only be used by security critical methods, and will be ignored if it is applied to a transparent method. To handle process corrupting exceptions, this method must become security critical or security safe-critical.
How to fix violations
To fix a violation of this rule, remove the HandleProcessCorruptedStateExceptionsAttribute attribute, or mark the method with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.
When to suppress warnings
Do not suppress a warning from this rule.
Example
In this example, a transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute and will fail the rule. The method should also be marked with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.
using System;
using System.Runtime.InteropServices;
using System.Runtime.ExceptionServices;
using System.Security;
namespace TransparencyWarningsDemo
{
public class HandleProcessCorruptedStateExceptionClass
{
[DllImport("SomeModule.dll")]
private static extern void NativeCode();
// CA2139 violation - transparent method attempting to handle a process corrupting exception
[HandleProcessCorruptedStateExceptions]
public void HandleCorruptingExceptions()
{
try
{
NativeCode();
}
catch (AccessViolationException) { }
}
}
}