Validate arguments of public methods

Article
11/16/2012

TypeName	ValidateArgumentsOfPublicMethods
CheckId	CA1062
Category	Microsoft.Design
Breaking Change	Non Breaking

Cause

An externally visible method dereferences one of its reference arguments without verifying whether that argument is null (Nothing in Visual Basic).

Rule Description

All reference arguments passed to externally visible methods should be checked against null. If appropriate, throw a System.ArgumentNullException when the argument is null.

How to Fix Violations

To fix a violation of this rule, validate each reference argument against null.

When to Suppress Warnings

Do not suppress a warning from this rule.

Example

The following example shows a method that violates the rule and a method that satisfies the rule.

Imports System

Namespace DesignLibrary

    Public Class Test

        ' This method violates the rule. 
        Sub DoNotValidate(ByVal input As String)

            If input.Length <> 0 Then
                Console.WriteLine(input)
            End If 

        End Sub 

        ' This method satisfies the rule. 
        Sub Validate(ByVal input As String)

            If input Is Nothing Then 
                Throw New ArgumentNullException("input")
            End If 

            If input.Length <> 0 Then
                Console.WriteLine(input)
            End If 

        End Sub 

    End Class 

End Namespace

using System;

namespace DesignLibrary
{
    public class Test
    {
        // This method violates the rule. 
        public void DoNotValidate(string input)
        {
            if (input.Length != 0)
            {
                Console.WriteLine(input);
            }
        }

        // This method satisfies the rule. 
        public void Validate(string input)
        {
            if (input == null)
            {
                throw new ArgumentNullException("input");
            }
            if (input.Length != 0)
            {
                Console.WriteLine(input);
            }
        }
    }
}

In Visual Studio 2005, this rule has several limitations. One limitation is that

it does not detect that parameters are being passed to another method that does the validation.

Public Function Method(ByVal value As String) As String
    EnsureNotNull(value)

    ' Fires incorrectly     
    Return value.ToString()
End Function 

Private Sub EnsureNotNull(ByVal value As String)
    If value Is Nothing Then 
        Throw (New ArgumentNullException("value"))
    End If 
End Sub

public string Method(string value)
{
    EnsureNotNull(value);

    // Fires incorrectly     
    return value.ToString();
}

private void EnsureNotNull(string value)
{
    if (value == null)
        throw new ArgumentNullException("value");
}

Another limitation is that it does not understand short-circuit operators.

Public Function Method(ByVal value1 As String, ByVal value2 As String) As String 
    If value1 Is Nothing OrElse value2 Is Nothing Then 
        Throw New ArgumentNullException()
    End If 

    ' Fires incorrectly     
    Return value1.ToString() + value2.ToString()

End Function

public string Method(string value1, string value2)
{
    if (value1 == null || value2 == null)
        throw new ArgumentNullException(value1 == null ? "value1" : "value2");

    // Fires incorrectly     
    return value1.ToString() + value2.ToString();
}