Export (0) Print
Expand All

Naming Convention for Unmanaged Code Methods

A useful and highly recommended convention has been established for naming unmanaged code methods. All unmanaged code methods are separated into three categories: safe, native, and unsafe. These keywords can be used as class names within which the various kinds of unmanaged code entry points are defined. In source code, these keywords should be added to the class name, as in Safe.GetTimeOfDay, Native.Xyz, or Unsafe.DangerousAPI, for example. Each of these keywords provides useful security information for developers using that class, as described in the following table.

Keyword

Security considerations

safe

Completely harmless for any code, even malicious code, to call. Can be used just like other managed code. For example, a function that gets the time of day is typically safe.

native

Security-neutral; that is, unmanaged code that requires unmanaged code permission to call. Security is checked, which stops an unauthorized caller.

unsafe

Potentially dangerous unmanaged code entry point with security suppressed. Developers should use the greatest caution when using such unmanaged code, making sure that other protections are in place to prevent a security vulnerability. Developers must be responsible, as this keyword overrides the security system.

Show:
© 2014 Microsoft