Export (0) Print
Expand All

Extended Correctness Rules rule set for managed code

The Microsoft Extended Correctness Rules rule set maximizes the logic and framework usage errors that are reported by code analysis. Extra emphasis is placed on specific scenarios such as COM interoperability and mobile applications. You should consider including this rule set if one of these scenarios applies to your project or to find additional problems in your project.

The Microsoft Extended Correctness Rules rule set includes the rules that are in the Microsoft Basic Correctness Rules rule set. The Basic Correctness Rules include the rules that are in the Microsoft Minimum Recommended Rules rule set. For more information see Basic Correctness Rules rule set for managed code and Managed Recommended Rules rule set for managed code

The following table describes all of the rules in the Microsoft Extended Correctness Rules rule set.

Rule

Description

CA1001

Types that own disposable fields should be disposable

CA1009

Declare event handlers correctly

CA1016

Mark assemblies with AssemblyVersionAttribute

CA1033

Interface methods should be callable by child types

CA1049

Types that own native resources should be disposable

CA1060

Move P/Invokes to NativeMethods class

CA1061

Do not hide base class methods

CA1063

Implement IDisposable correctly

CA1065

Do not raise exceptions in unexpected locations

CA1301

Avoid duplicate accelerators

CA1400

P/Invoke entry points should exist

CA1401

P/Invokes should not be visible

CA1403

Auto layout types should not be COM visible

CA1404

Call GetLastError immediately after P/Invoke

CA1405

COM visible type base types should be COM visible

CA1410

COM registration methods should be matched

CA1415

Declare P/Invokes correctly

CA1821

Remove empty finalizers

CA1900

Value type fields should be portable

CA1901

P/Invoke declarations should be portable

CA2002

Do not lock on objects with weak identity

CA2100

Review SQL queries for security vulnerabilities

CA2101

Specify marshaling for P/Invoke string arguments

CA2108

Review declarative security on value types

CA2111

Pointers should not be visible

CA2112

Secured types should not expose fields

CA2114

Method security should be a superset of type

CA2116

APTCA methods should only call APTCA methods

CA2117

APTCA types should only extend APTCA base types

CA2122

Do not indirectly expose methods with link demands

CA2123

Override link demands should be identical to base

CA2124

Wrap vulnerable finally clauses in outer try

CA2126

Type link demands require inheritance demands

CA2131

Security critical types may not participate in type equivalence

CA2132

Default constructors must be at least as critical as base type default constructors

CA2133

Delegates must bind to methods with consistent transparency

CA2134

Methods must keep consistent transparency when overriding base methods

CA2137

Transparent methods must contain only verifiable IL

CA2138

Transparent methods must not call methods with the SuppressUnmanagedCodeSecurity attribute

CA2140

Transparent code must not reference security critical items

CA2141

Transparent methods must not satisfy LinkDemands

CA2146

Types must be at least as critical as their base types and interfaces

CA2147

Transparent methods may not use security asserts

CA2149

Transparent methods must not call into native code

CA2200

Rethrow to preserve stack details

CA2202

Do not dispose objects multiple times

CA2207

Initialize value type static fields inline

CA2212

Do not mark serviced components with WebMethod

CA2213

Disposable fields should be disposed

CA2214

Do not call overridable methods in constructors

CA2216

Disposable types should declare finalizer

CA2220

Finalizers should call base class finalizer

CA2229

Implement serialization constructors

CA2231

Overload operator equals on overriding ValueType.Equals

CA2232

Mark Windows Forms entry points with STAThread

CA2235

Mark all non-serializable fields

CA2236

Call base class methods on ISerializable types

CA2237

Mark ISerializable types with SerializableAttribute

CA2238

Implement serialization methods correctly

CA2240

Implement ISerializable correctly

CA2241

Provide correct arguments to formatting methods

CA2242

Test for NaN correctly

CA1008

Enums should have zero value

CA1013

Overload operator equals on overloading add and subtract

CA1303

Do not pass literals as localized parameters

CA1308

Normalize strings to uppercase

CA1806

Do not ignore method results

CA1816

Call GC.SuppressFinalize correctly

CA1819

Properties should not return arrays

CA1820

Test for empty strings using string length

CA1903

Use only API from targeted framework

CA2004

Remove calls to GC.KeepAlive

CA2006

Use SafeHandle to encapsulate native resources

CA2102

Catch non-CLSCompliant exceptions in general handlers

CA2104

Do not declare read only mutable reference types

CA2105

Array fields should not be read only

CA2106

Secure asserts

CA2115

Call GC.KeepAlive when using native resources

CA2119

Seal methods that satisfy private interfaces

CA2120

Secure serialization constructors

CA2121

Static constructors should be private

CA2130

Security critical constants should be transparent

CA2205

Use managed equivalents of Win32 API

CA2215

Dispose methods should call base class dispose

CA2221

Finalizers should be protected

CA2222

Do not decrease inherited member visibility

CA2223

Members should differ by more than return type

CA2224

Override equals on overloading operator equals

CA2226

Operators should have symmetrical overloads

CA2227

Collection properties should be read only

CA2239

Provide deserialization methods for optional fields

CA1032

Implement standard exception constructors

CA1054

URI parameters should not be strings

CA1055

URI return values should not be strings

CA1056

URI properties should not be strings

CA1057

String URI overloads call System.Uri overloads

CA1402

Avoid overloads in COM visible interfaces

CA1406

Avoid Int64 arguments for Visual Basic 6 clients

CA1407

Avoid static members in COM visible types

CA1408

Do not use AutoDual ClassInterfaceType

CA1409

Com visible types should be creatable

CA1411

COM registration methods should not be visible

CA1412

Mark ComSource Interfaces as IDispatch

CA1413

Avoid non-public fields in COM visible value types

CA1414

Mark boolean P/Invoke arguments with MarshalAs

CA1600

Do not use idle process priority

CA1601

Do not use timers that prevent power state changes

CA1824

Mark assemblies with NeutralResourcesLanguageAttribute

CA2001

Avoid calling problematic methods

CA2003

Do not treat fibers as threads

CA2135

Level 2 assemblies should not contain LinkDemands

CA2136

Members should not have conflicting transparency annotations

CA2139

Transparent methods may not use the HandleProcessCorruptingExceptions attribute

CA2142

Transparent code should not be protected with LinkDemands

CA2143

Transparent methods should not use security demands

CA2144

Transparent code should not load assemblies from byte arrays

CA2145

Transparent methods should not be decorated with the SuppressUnmanagedCodeSecurityAttribute

CA2204

Literals should be spelled correctly

CA2211

Non-constant fields should not be visible

CA2217

Do not mark enums with FlagsAttribute

CA2218

Override GetHashCode on overriding Equals

CA2219

Do not raise exceptions in exception clauses

CA2225

Operator overloads have named alternates

CA2228

Do not ship unreleased resource formats

CA2230

Use params for variable arguments

CA2233

Operations should not overflow

CA2234

Pass System.Uri objects instead of strings

CA2243

Attribute string literals should parse correctly

Show:
© 2014 Microsoft