Basic Correctness Rules rule set for managed code


For the latest documentation on Visual Studio 2017 RC, see Visual Studio 2017 RC Documentation.

The Basic Correctness Rules rule set focuses on logic errors and common mistakes in the usage of framework APIs. The Basic Correctness Rules include the rules in the Minimum Recommended Rules rule set. For more information, see Managed Recommended Rules rule set for managed code You should include this rule set to expand on the list of warnings that the minimum recommended rules report.

The following table describes all the rules in the Microsoft Basic Correctness Rules rule set.

CA1001Types that own disposable fields should be disposable
CA1009Declare event handlers correctly
CA1016Mark assemblies with AssemblyVersionAttribute
CA1033Interface methods should be callable by child types
CA1049Types that own native resources should be disposable
CA1060Move P/Invokes to NativeMethods class
CA1061Do not hide base class methods
CA1063Implement IDisposable correctly
CA1065Do not raise exceptions in unexpected locations
CA1301Avoid duplicate accelerators
CA1400P/Invoke entry points should exist
CA1401P/Invokes should not be visible
CA1403Auto layout types should not be COM visible
CA1404Call GetLastError immediately after P/Invoke
CA1405COM visible type base types should be COM visible
CA1410COM registration methods should be matched
CA1415Declare P/Invokes correctly
CA1821Remove empty finalizers
CA1900Value type fields should be portable
CA1901P/Invoke declarations should be portable
CA2002Do not lock on objects with weak identity
CA2100Review SQL queries for security vulnerabilities
CA2101Specify marshaling for P/Invoke string arguments
CA2108Review declarative security on value types
CA2111Pointers should not be visible
CA2112Secured types should not expose fields
CA2114Method security should be a superset of type
CA2116APTCA methods should only call APTCA methods
CA2117APTCA types should only extend APTCA base types
CA2122Do not indirectly expose methods with link demands
CA2123Override link demands should be identical to base
CA2124Wrap vulnerable finally clauses in outer try
CA2126Type link demands require inheritance demands
CA2131Security critical types may not participate in type equivalence
CA2132Default constructors must be at least as critical as base type default constructors
CA2133Delegates must bind to methods with consistent transparency
CA2134Methods must keep consistent transparency when overriding base methods
CA2137Transparent methods must contain only verifiable IL
CA2138Transparent methods must not call methods with the SuppressUnmanagedCodeSecurity attribute
CA2140Transparent code must not reference security critical items
CA2141Transparent methods must not satisfy LinkDemands
CA2146Types must be at least as critical as their base types and interfaces
CA2147Transparent methods may not use security asserts
CA2149Transparent methods must not call into native code
CA2200Rethrow to preserve stack details
CA2202Do not dispose objects multiple times
CA2207Initialize value type static fields inline
CA2212Do not mark serviced components with WebMethod
CA2213Disposable fields should be disposed
CA2214Do not call overridable methods in constructors
CA2216Disposable types should declare finalizer
CA2220Finalizers should call base class finalizer
CA2229Implement serialization constructors
CA2231Overload operator equals on overriding ValueType.Equals
CA2232Mark Windows Forms entry points with STAThread
CA2235Mark all non-serializable fields
CA2236Call base class methods on ISerializable types
CA2237Mark ISerializable types with SerializableAttribute
CA2238Implement serialization methods correctly
CA2240Implement ISerializable correctly
CA2241Provide correct arguments to formatting methods
CA2242Test for NaN correctly
CA1008Enums should have zero value
CA1013Overload operator equals on overloading add and subtract
CA1303Do not pass literals as localized parameters
CA1308Normalize strings to uppercase
CA1806Do not ignore method results
CA1816Call GC.SuppressFinalize correctly
CA1819Properties should not return arrays
CA1820Test for empty strings using string length
CA1903Use only API from targeted framework
CA2004Remove calls to GC.KeepAlive
CA2006Use SafeHandle to encapsulate native resources
CA2102Catch non-CLSCompliant exceptions in general handlers
CA2104Do not declare read only mutable reference types
CA2105Array fields should not be read only
CA2106Secure asserts
CA2115Call GC.KeepAlive when using native resources
CA2119Seal methods that satisfy private interfaces
CA2120Secure serialization constructors
CA2121Static constructors should be private
CA2130Security critical constants should be transparent
CA2205Use managed equivalents of Win32 API
CA2215Dispose methods should call base class dispose
CA2221Finalizers should be protected
CA2222Do not decrease inherited member visibility
CA2223Members should differ by more than return type
CA2224Override equals on overloading operator equals
CA2226Operators should have symmetrical overloads
CA2227Collection properties should be read only
CA2239Provide deserialization methods for optional fields