CA2235: Mark all non-serializable fields

TypeName: MarkAllNonSerializableFields

CheckId: CA2235

Category: Microsoft.Usage

Breaking Change: Non Breaking

Cause

An instance field of a type that is not serializable is declared in a type that is serializable.

Rule Description

A serializable type is one that is marked with the SerializableAttribute attribute. When the type is serialized, a SerializationException is thrown if the type contains an instance field whose type is not serializable.

How to Fix Violations

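To fix a violation of this rule, apply the NonSerializedAttribute attribute to the field that is not serializable. A field marked this way is skipped by the formatter, so after deserialization it holds its default value (null for a reference type).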

When to Suppress Warnings

Only suppress a warning from this rule if an ISerializationSurrogate type is declared that allows instances of the field to be serialized and deserialized.

Example

The following example shows a type that violates the rule and a type that satisfies the rule, first in Visual Basic and then in C#.

Imports System
Imports System.Runtime.Serialization

Namespace UsageLibrary

   Public Class Mouse

      Dim buttons As Integer 
      Dim scanTypeValue As String 

      ReadOnly Property NumberOfButtons As Integer 
         Get 
            Return buttons
         End Get 
      End Property 

      ReadOnly Property ScanType As String 
         Get 
            Return scanTypeValue
         End Get 
      End Property 

      Sub New(numberOfButtons As Integer, scanType As String)
         buttons = numberOfButtons
         scanTypeValue = scanType
      End Sub 

   End Class

   <SerializableAttribute> _ 
   Public Class InputDevices1

      ' Violates MarkAllNonSerializableFields. 
      Dim opticalMouse As Mouse 

      Sub New()
         opticalMouse = New Mouse(5, "optical") 
      End Sub 

   End Class

   <SerializableAttribute> _ 
   Public Class InputDevices2

      ' Satisfies MarkAllNonSerializableFields.
      <NonSerializedAttribute> _ 
      Dim opticalMouse As Mouse 

      Sub New()
         opticalMouse = New Mouse(5, "optical") 
      End Sub 

   End Class 

End Namespace

using System;
using System.Runtime.Serialization;

namespace UsageLibrary
{
   public class Mouse
   {
      int buttons;
      string scanTypeValue;

      public int NumberOfButtons
      {
         get { return buttons; }
      }

      public string ScanType
      {
         get { return scanTypeValue; }
      }

      public Mouse(int numberOfButtons, string scanType)
      {
         buttons = numberOfButtons;
         scanTypeValue = scanType;
      }
   }

   [SerializableAttribute]
   public class InputDevices1
   {
      // Violates MarkAllNonSerializableFields.
      Mouse opticalMouse;

      public InputDevices1()
      {
         opticalMouse = new Mouse(5, "optical"); 
      }
   }

   [SerializableAttribute]
   public class InputDevices2
   {
      // Satisfies MarkAllNonSerializableFields.
      [NonSerializedAttribute]
      Mouse opticalMouse;

      public InputDevices2()
      {
         opticalMouse = new Mouse(5, "optical"); 
      }
   }
}
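
The fix above leaves the marked field null after a round trip, because constructors do not run during deserialization. The following added example (not part of the original page) shows one way to rebuild the field with an OnDeserialized callback. InputDevices3, CreateMouse and RestoreMouse are hypothetical names, and the code assumes .NET Framework, where BinaryFormatter is available, and a stream that the program wrote itself.

```csharp
using System;
using System.IO;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;

// Same role as the page's Mouse: not marked [Serializable].
public class Mouse
{
   public int NumberOfButtons { get; private set; }
   public string ScanType { get; private set; }
   public Mouse(int numberOfButtons, string scanType)
   {
      NumberOfButtons = numberOfButtons;
      ScanType = scanType;
   }
}

[Serializable]
public class InputDevices3 // hypothetical type, not from the page
{
   [NonSerialized]
   Mouse opticalMouse; // skipped by the formatter, so never written to the stream

   public InputDevices3() { opticalMouse = CreateMouse(); }
   public Mouse OpticalMouse { get { return opticalMouse; } }

   static Mouse CreateMouse() { return new Mouse(5, "optical"); }

   // The constructor is not called on deserialization; without this
   // callback opticalMouse would be null in the deserialized copy.
   [OnDeserialized]
   void RestoreMouse(StreamingContext context)
   {
      opticalMouse = CreateMouse();
   }
}

public static class Program
{
   public static void Main()
   {
      var formatter = new BinaryFormatter();
      using (var stream = new MemoryStream())
      {
         formatter.Serialize(stream, new InputDevices3()); // no SerializationException
         stream.Position = 0;                              // rewind before reading back
         var copy = (InputDevices3)formatter.Deserialize(stream);
         Console.WriteLine(copy.OpticalMouse != null);     // field was rebuilt by RestoreMouse
      }
   }
}
```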

Related Rules

CA2236: Call base class methods on ISerializable types

CA2240: Implement ISerializable correctly

CA2229: Implement serialization constructors

CA2238: Implement serialization methods correctly

CA2237: Mark ISerializable types with SerializableAttribute

CA2239: Provide deserialization methods for optional fields

CA2120: Secure serialization constructors