CA2229: Implement serialization constructors

TypeName: ImplementSerializationConstructors

CheckId: CA2229

Category: Microsoft.Usage

Breaking Change: Non Breaking

Cause

The type implements the ISerializable interface, is not a delegate or interface, and one of the following conditions is true:

  • The type does not have a constructor that takes a SerializationInfo object and a StreamingContext object (the signature of the serialization constructor).

  • The type is unsealed and the access modifier for its serialization constructor is not protected (family).

  • The type is sealed and the access modifier for its serialization constructor is not private.

Rule Description

This rule is relevant for types that support custom serialization. A type supports custom serialization if it implements the ISerializable interface. The serialization constructor is required to deserialize, or re-create, objects that have been serialized using the ISerializable.GetObjectData method.

How to Fix Violations

To fix a violation of this rule, implement the serialization constructor. For a sealed class, make the constructor private; otherwise, make it protected.

When to Suppress Warnings

Do not suppress a violation of the rule. The type will not be deserializable, and will not function in many scenarios.

Example

The following example shows a type that satisfies the rule.

using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
using System.Security.Permissions;

namespace UsageLibrary 
{   
    [Serializable]
    public class SerializationConstructorsRequired : ISerializable 
    {
        private int n1;

        // This is a regular constructor.
        public SerializationConstructorsRequired()
        {
            n1 = -1;
        }

        // This is the serialization constructor.
        // Satisfies rule: ImplementSerializationConstructors.
        protected SerializationConstructorsRequired(
           SerializationInfo info, 
           StreamingContext context)
        {
            n1 = (int) info.GetValue("n1", typeof(int));
        }

        // The following method serializes the instance.
        [SecurityPermission(SecurityAction.LinkDemand, 
            Flags=SecurityPermissionFlag.SerializationFormatter)]
        void ISerializable.GetObjectData(SerializationInfo info, 
           StreamingContext context)
        {
            info.AddValue("n1", n1);
        }
    }
}
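The example above covers only the unsealed case. The following added example (not part of the original page; the types Reading, LabeledReading and Demo and the sample values are hypothetical) shows a sealed type derived from an unsealed one, so both access modifiers required by the rule appear, and it invokes the serialization constructor by its signature through reflection rather than through a formatter. It is written against .NET Framework, like the page's own example.

```csharp
using System;
using System.Reflection;
using System.Runtime.Serialization;

[Serializable] // type names and values below are constructed for this example
public class Reading : ISerializable // unsealed: serialization constructor is protected
{
    public int N1 { get; private set; }
    public Reading(int value) { N1 = value; }
    protected Reading(SerializationInfo info, StreamingContext context)
    {
        N1 = info.GetInt32("n1");
    }
    public virtual void GetObjectData(SerializationInfo info, StreamingContext context)
    {
        info.AddValue("n1", N1);
    }
}

[Serializable]
public sealed class LabeledReading : Reading // sealed: serialization constructor is private
{
    public string Label { get; private set; }
    public LabeledReading(int value, string label) : base(value) { Label = label; }
    // Chains to the base constructor, reachable from here only because it is protected.
    private LabeledReading(SerializationInfo info, StreamingContext context)
        : base(info, context) { Label = info.GetString("label"); }
    public override void GetObjectData(SerializationInfo info, StreamingContext context)
    {
        base.GetObjectData(info, context);
        info.AddValue("label", Label);
    }
}

public static class Demo
{
    public static void Main()
    {
        ISerializable source = new LabeledReading(42, "probe-a");
        var info = new SerializationInfo(source.GetType(), new FormatterConverter());
        source.GetObjectData(info, default(StreamingContext));
        // Find the constructor by signature; a private one needs BindingFlags.NonPublic.
        ConstructorInfo ctor = source.GetType().GetConstructor(
            BindingFlags.Instance | BindingFlags.NonPublic, null,
            new[] { typeof(SerializationInfo), typeof(StreamingContext) }, null);
        var copy = (LabeledReading)ctor.Invoke(new object[] { info, default(StreamingContext) });
        Console.WriteLine(copy.N1 + " " + copy.Label);
    }
}
```

If the base constructor were private instead of protected, the `: base(info, context)` call in LabeledReading would not compile, which is why the rule requires protected on unsealed types.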

Related Rules

CA2237: Mark ISerializable types with SerializableAttribute

See Also

Reference

ISerializable

SerializationInfo

StreamingContext