Mixed Recommended Rules rule set

The Microsoft Mixed Recommended Rules focus on the most common and critical problems in your C++ projects that support the Common Language Runtime, including potential security holes, application crashes, and other important logic and design errors. You should include this rule set in any custom rule set you create for your C++ projects that support the Common Language Runtime. This ruleset is designed to be configured with the Visual Studio Professional edition and higher.

Rule

Description

C6001

Using Uninitialized Memory

C6011

Dereferencing Null Pointer

C6029

Use Of Unchecked Value

C6031

Return Value Ignored

C6053

Zero Termination From Call

C6054

Zero Termination Missing

C6059

Bad Concatenation

C6063

Missing String Argument To Format Function

C6064

Missing Integer Argument To Format Function

C6066

Missing Pointer Argument To Format Function

C6067

Missing String Pointer Argument To Format Function

C6101

Returning uninitialized memory

C6200

Index Exceeds Buffer Maximum

C6201

Index Exceeds Stack Buffer Maximum

C6214

Invalid Cast HRESULT To BOOL

C6215

Invalid Cast BOOL To HRESULT

C6216

Invalid Compiler-Inserted Cast BOOL To HRESULT

C6217

Invalid HRESULT Test With NOT

C6220

Invalid HRESULT Compare To -1

C6226

Invalid HRESULT Assignment To -1

C6230

Invalid HRESULT Use As Boolean

C6235

Non-Zero Constant With Logical-Or

C6236

Logical-Or With Non-Zero Constant

C6237

Zero With Logical-And Loses Side Effects

C6242

Local Unwind Forced

C6248

Creating Null DACL

C6250

Unreleased Address Descriptors

C6255

Unprotected Use Of Alloca

C6258

Using Terminate Thread

C6259

Dead Code In Bitwise-Or Limited Switch

C6260

Use Of Byte Arithmetic

C6262

Excessive Stack Usage

C6263

Using Alloca In Loop

C6268

Missing Parentheses In Cast

C6269

Pointer Dereference Ignored

C6270

Missing Float Argument To Format Function

C6271

Extra Argument To Format Function

C6272

Non-Float Argument To Format Function

C6273

Non-Integer Argumen To Format Function

C6274

Non-Character Argument To Format Function

C6276

Invalid String Cast

C6277

Invalid CreateProcess Call

C6278

Array-New Scalar-Delete Mismatch

C6279

Scalar-New Array-Delete Mismatch

C6280

Memory Allocation-Deallocation Mismatch

C6281

Bitwise Relation Precedence

C6282

Assignment Replaces Test

C6283

Primitive Array-New Scalar-Delete Mismatch

C6284

Invalid Object Argument To Format Function

C6285

Logical-Or Of Constants

C6286

Non-Zero Logical-Or Losing Side Effects

C6287

Redundant Test

C6288

Mutual Inclusion Over Logical-And Is False

C6289

Mutual Exclusion Over Logical-Or Is True

C6290

Logical-Not Bitwise-And Precedence

C6291

Logical-Not Bitwise-Or Precedence

C6292

Loop Counts Up From Maximum

C6293

Loop Counts Down From Minimum

C6294

Loop Body Never Executed

C6295

Infinite Loop

C6296

Loop Only Executed Once

C6297

Result Of Shift Cast To Larger Size

C6299

Bitfield To Boolean Comparison

C6302

Invalid Character String Argument To Format Function

C6303

Invalid Wide Character String Argument To Format Function

C6305

Mismatched Size And Count Use

C6306

Incorrect Variable Argument Function Call

C6308

Realloc Leak

C6310

Illegal Exception Filter Constant

C6312

Exception Continue Execution Loop

C6314

Bitwise-Or Precedence

C6317

Not Not Complement

C6318

Exception Continue Search

C6319

Ignored By Comma

C6324

String Copy Instead Of String Compare

C6328

Potential Argument Type Mismatch

C6331

VirtualFree Invalid Flags

C6332

VirtualFree Invalid Parameter

C6333

VirtualFree Invalid Size

C6335

Leaking Process Handle

C6381

Shutdown Information Missing

C6383

Element-Count Byte-Count Buffer Overrun

C6384

Pointer Size Division

C6385

Read Overrun

C6386

Write Overrun

C6387

Invalid Parameter Value

C6388

Invalid Parameter Value

C6500

Invalid Attribute Property

C6501

Conflicting Attribute Property Values

C6503

References Cannot Be Null

C6504

Null On Non-Pointer

C6505

MustCheck On Void

C6506

Buffer Size On Non-Pointer Or Array

C6507

Null Mismatch At Dereference Zero

C6508

Write Access On Constant

C6509

Return Used On Precondition

C6510

Null Terminated On Non-Pointer

C6511

MustCheck Must Be Yes Or No

C6513

Element Size Without Buffer Size

C6514

Buffer Size Exceeds Array Size

C6515

Buffer Size On Non-Pointer

C6516

No Properties On Attribute

C6517

Valid Size On Non-Readable Buffer

C6518

Writable Size On Non-Writable Buffer

C6519

Invalid annotation: value of the 'NeedsRelease' property must be Yes or No

C6521

Invalid Size String Dereference

C6522

Invalid Size String Type

C6523

Invalid Size String Parameter

C6525

Invalid Size String Unreachable Location

C6526

Invalid Size String Buffer Type

C6527

Invalid annotation: 'NeedsRelease' property may not be used on values of void type

C6530

Unrecognized Format String Style

C6540

The use of attribute annotations on this function will invalidate all of its existing __declspec annotations

C6551

Invalid size specification: expression not parsable

C6552

Invalid Deref= or Notref=: expression not parsable

C6701

The value is not a valid Yes/No/Maybe value

C6702

The value is not a string value

C6703

The value is not a number

C6704

Unexpected Annotation Expression Error

C6705

Expected number of arguments for annotation does not match actual number of arguments for annotation

C6706

Unexpected Annotation Error for annotation

C6995

Failed to save XML Log file

C26100

Race condition

C26101

Failing to use interlocked operation properly

C26110

Caller failing to hold lock

C26111

Caller failing to release lock

C26112

Caller cannot hold any lock

C26115

Failing to release lock

C26116

Failing to acquire or to hold lock

C26117

Releasing unheld lock

C26140

Concurrency SAL annotation error

C28020

The expression is not true at this call

C28021

The parameter being annotated must be a pointer

C28022

The function class(es) on this function do not match the function class(es) on the typedef used to define it.

C28023

The function being assigned or passed should have a _Function_class_ annotation for at least one of the class(es)

C28024

The function pointer being assigned to is annotated with the function class, which is not contained in the function class(es) list.

C28039

The type of actual parameter should exactly match the type

C28112

A variable which is accessed via an Interlocked function must always be accessed via an Interlocked function.

C28113

Accessing a local variable via an Interlocked function

C28125

The function must be called from within a try/except block

C28137

The variable argument should instead be a (literal) constant

C28138

The constant argument should instead be variable

C28159

Consider using another function instead.

C28160

Error annotation

C28163

The function should never be called from within a try/except block

C28164

The argument is being passed to a function that expects a pointer to an object (not a pointer to a pointer)

C28182

Dereferencing NULL pointer. The pointer contains the same NULL value as another pointer did.

C28183

The argument could be one value, and is a copy of the value found in the pointer

C28193

The variable holds a value that must be examined

C28196

The requirement is not satisfied. (The expression does not evaluate to true.)

C28202

Illegal reference to non-static member

C28203

Ambiguous reference to class member.

C28205

_Success_ or _On_failure_ used in an illegal context

C28206

Left operand points to a struct, use '->'

C28207

Left operand is a struct, use '.'

C28209

The declaration for symbol has a conflicting declaration

C28210

Annotations for the __on_failure context must not be in explicit pre context

C28211

Static context name expected for SAL_context

C28212

Pointer expression expected for annotation

C28213

The _Use_decl_annotations_ annotation must be used to reference, without modification, a prior declaration.

C28214

Attribute parameter names must be p1...p9

C28215

The typefix cannot be applied to a parameter that already has a typefix

C28216

The checkReturn annotation only applies to postconditions for the specific function parameter.

C28217

For function, the number of parameters to annotation does not match that found at file

C28218

For function paramteer, the annotation's parameter does not match that found at file

C28219

Member of enumeration expected for annotation the parameter in the annotation

C28220

Integer expression expected for annotation the parameter in the annotation

C28221

String expression expected for the parameter in the annotation

C28222

__yes, __no, or __maybe expected for annotation

C28223

Did not find expected Token/identifier for annotation, parameter

C28224

Annotation requires parameters

C28225

Did not find the correct number of required parameters in annotation

C28226

Annotation cannot also be a PrimOp (in current declaration)

C28227

Annotation cannot also be a PrimOp (see prior declaration)

C28228

Annotation parameter: cannot use type in annotations

C28229

Annotation does not support parameters

C28230

The type of parameter has no member.

C28231

Annotation is only valid on array

C28232

pre, post, or deref not applied to any annotation

C28233

pre, post, or deref applied to a block

C28234

__at expression does not apply to current function

C28235

The function cannot stand alone as an annotation

C28236

The annotation cannot be used in an expression

C28237

The annotation on parameter is no longer supported

C28238

The annotation on parameter has more than one of value, stringValue, and longValue. Use paramn=xxx

C28239

The annotation on parameter has both value, stringValue, or longValue; and paramn=xxx. Use only paramn=xxx

C28240

The annotation on parameter has param2 but no param1

C28241

The annotation for function on parameter is not recognized

C28243

The annotation for function on parameter requires more dereferences than the actual type annotated allows

C28244

The annotation for function has an unparseable parameter/external annotation

C28245

The annotation for function annotates 'this' on a non-member-function

C28246

The parameter annotation for function does not match the type of the parameter

C28250

Inconsistent annotation for function: the prior instance has an error.

C28251

Inconsistent annotation for function: this instance has an error.

C28252

Inconsistent annotation for function: parameter has another annotations on this instance.

C28253

Inconsistent annotation for function: parameter has another annotations on this instance.

C28254

dynamic_cast<>() is not supported in annotations

C28262

A syntax error in the annotation was found in function, for annotation

C28263

A syntax error in a conditional annotation was found for Intrinsic annotation

C28264

Result lists values must be constants.

C28267

A syntax error in the annotations was found annotation in the function.

C28272

The annotation for function, parameter when examining is inconsistent with the function declaration

C28273

For function, the clues are inconsistent with the function declaration

C28275

The parameter to _Macro_value_ is null

C28279

For symbol, a 'begin' was found without a matching 'end'

C28280

For symbol, an 'end' was found without a matching 'begin'

C28282

Format Strings must be in preconditions

C28285

For function, syntax error in parameter

C28286

For function, syntax error near the end

C28287

For function, syntax Error in _At_() annotation (unrecognized parameter name)

C28288

For function, syntax Error in _At_() annotation (invalid parameter name)

C28289

For function: ReadableTo or WritableTo did not have a limit-spec as a parameter

C28290

the annotation for function contains more Externals than the actual number of parameters

C28291

post null/notnull at deref level 0 is meaningless for function.

C28300

Expression operands of incompatible types for operator

C28301

No annotations for first declaration of function.

C28302

An extra _Deref_ operator was found on annotation.

C28303

An ambiguous _Deref_ operator was found on annotation.

C28304

An improperly placed _Notref_ operator was found applied to token.

C28305

An error while parsing a token was discovered.

C28306

The annotation on parameter is obsolescent

C28307

The annotation on parameter is obsolescent

C28350

The annotation describes a situation that is not conditionally applicable.

C28351

The annotation describes where a dynamic value (a variable) cannot be used in the condition.

CA1001

Types that own disposable fields should be disposable

CA1009

Declare event handlers correctly

CA1016

Mark assemblies with AssemblyVersionAttribute

CA1033

Interface methods should be callable by child types

CA1049

Types that own native resources should be disposable

CA1060

Move P/Invokes to NativeMethods class

CA1061

Do not hide base class methods

CA1063

Implement IDisposable correctly

CA1065

Do not raise exceptions in unexpected locations

CA1301

Avoid duplicate accelerators

CA1400

P/Invoke entry points should exist

CA1401

P/Invokes should not be visible

CA1403

Auto layout types should not be COM visible

CA1404

Call GetLastError immediately after P/Invoke

CA1405

COM visible type base types should be COM visible

CA1410

COM registration methods should be matched

CA1415

Declare P/Invokes correctly

CA1821

Remove empty finalizers

CA1900

Value type fields should be portable

CA1901

P/Invoke declarations should be portable

CA2002

Do not lock on objects with weak identity

CA2100

Review SQL queries for security vulnerabilities

CA2101

Specify marshaling for P/Invoke string arguments

CA2108

Review declarative security on value types

CA2111

Pointers should not be visible

CA2112

Secured types should not expose fields

CA2114

Method security should be a superset of type

CA2116

APTCA methods should only call APTCA methods

CA2117

APTCA types should only extend APTCA base types

CA2122

Do not indirectly expose methods with link demands

CA2123

Override link demands should be identical to base

CA2124

Wrap vulnerable finally clauses in outer try

CA2126

Type link demands require inheritance demands

CA2131

Security critical types may not participate in type equivalence

CA2132

Default constructors must be at least as critical as base type default constructors

CA2133

Delegates must bind to methods with consistent transparency

CA2134

Methods must keep consistent transparency when overriding base methods

CA2137

Transparent methods must contain only verifiable IL

CA2138

Transparent methods must not call methods with the SuppressUnmanagedCodeSecurity attribute

CA2140

Transparent code must not reference security critical items

CA2141

Transparent methods must not satisfy LinkDemands

CA2146

Types must be at least as critical as their base types and interfaces

CA2147

Transparent methods may not use security asserts

CA2149

Transparent methods must not call into native code

CA2200

Rethrow to preserve stack details

CA2202

Do not dispose objects multiple times

CA2207

Initialize value type static fields inline

CA2212

Do not mark serviced components with WebMethod

CA2213

Disposable fields should be disposed

CA2214

Do not call overridable methods in constructors

CA2216

Disposable types should declare finalizer

CA2220

Finalizers should call base class finalizer

CA2229

Implement serialization constructors

CA2231

Overload operator equals on overriding ValueType.Equals

CA2232

Mark Windows Forms entry points with STAThread

CA2235

Mark all non-serializable fields

CA2236

Call base class methods on ISerializable types

CA2237

Mark ISerializable types with SerializableAttribute

CA2238

Implement serialization methods correctly

CA2240

Implement ISerializable correctly

CA2241

Provide correct arguments to formatting methods

CA2242

Test for NaN correctly