CA2149: Transparent methods must not call into native code
| Item | Value |
|---|---|
| RuleId | CA2149 |
| Category | Microsoft.Security |
| Breaking change | Breaking |
Cause
A method calls a native function through a method stub such as P/Invoke.
Note
This rule has been deprecated. For more information, see Deprecated rules.
Rule description
This rule fires on any transparent method that calls directly into native code, for example, through a P/Invoke. Violations of this rule lead to a MethodAccessException in the level 2 transparency model, and a full demand for UnmanagedCode in the level 1 transparency model.
How to fix violations
To fix a violation of this rule, mark the method that calls the native code with the SecurityCriticalAttribute or SecuritySafeCriticalAttribute attribute.
When to suppress warnings
Do not suppress a warning from this rule.
Example
using System;
using System.Runtime.InteropServices;
namespace TransparencyWarningsDemo
{
public class CallNativeCodeClass
{
[DllImport("kernel32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool Beep(uint dwFreq, uint dwDuration);
public void CallNativeMethod()
{
// CA2149 violation - transparent method calling native code
Beep(10000, 1);
}
}
}