CA2139: Transparent methods may not use the HandleProcessCorruptingExceptions attribute
TypeName |
TransparentMethodsMustNotHandleProcessCorruptingExceptions |
CheckId |
CA2139 |
Category |
Microsoft.Security |
Breaking Change |
Breaking |
Cause
A transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute.
Rule Description
This rule fires any method which is transparent and attempts to handle a process corrupting exception by using the HandleProcessCorruptedStateExceptionsAttribute attribute. A process corrupting exception is a CLR version 4.0 exception classification of exceptions such AccessViolationException. The HandleProcessCorruptedStateExceptionsAttribute attribute may only be used by security critical methods, and will be ignored if it is applied to a transparent method. To handle process corrupting exceptions, this method must become security critical or security safe-critical.
How to Fix Violations
To fix a violation of this rule, remove the HandleProcessCorruptedStateExceptionsAttribute attribute, or mark the method with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.
When to Suppress Warnings
Do not suppress a warning from this rule.
Example
In this example, a transparent method is marked with the HandleProcessCorruptedStateExceptionsAttribute attribute and will fail the rule. The method should also be marked with the SecurityCriticalAttribute or the SecuritySafeCriticalAttribute attribute.
using System;
using System.Runtime.InteropServices;
using System.Runtime.ExceptionServices;
using System.Security;
namespace TransparencyWarningsDemo
{
public class HandleProcessCorruptedStateExceptionClass
{
[DllImport("SomeModule.dll")]
private static extern void NativeCode();
// CA2139 violation - transparent method attempting to handle a process corrupting exception
[HandleProcessCorruptedStateExceptions]
public void HandleCorruptingExceptions()
{
try
{
NativeCode();
}
catch (AccessViolationException) { }
}
}
}