CA2130: Security critical constants should be transparent
Note
This article applies to Visual Studio 2015. If you're looking for the latest Visual Studio documentation, see Visual Studio documentation. We recommend upgrading to the latest version of Visual Studio. Download it here
Item | Value |
---|---|
TypeName | ConstantsShouldBeTransparent |
CheckId | CA2130 |
Category | Microsoft.Security |
Breaking Change | Breaking |
Cause
A constant field or an enumeration member is marked with the SecurityCriticalAttribute.
Rule Description
Transparency enforcement is not enforced for constant values because compilers inline constant values so that no lookup is required at run time. Constant fields should be security transparent so that code reviewers do not assume that transparent code cannot access the constant.
How to Fix Violations
To fix a violation of this rule, remove the SecurityCritical attribute from the field or value.
When to Suppress Warnings
Do not suppress a warning from this rule.
Example
In the following examples, the enum value EnumWithCriticalValues.CriticalEnumValue
and the constant CriticalConstant
raise this warning. To fix the issues, remove the [SecurityCritical
] attribute to make them security transparent.
using System;
using System.Security;
//[assembly: SecurityRules(SecurityRuleSet.Level2)]
//[assembly: AllowPartiallyTrustedCallers]
namespace TransparencyWarningsDemo
{
public enum EnumWithCriticalValues
{
TransparentEnumValue,
// CA2130 violation
[SecurityCritical]
CriticalEnumValue
}
public class ClassWithCriticalConstant
{
// CA2130 violation
[SecurityCritical]
public const int CriticalConstant = 21;
}
}