Jaa


CA2149: Transparent methods must not call into native code

Applies to: yesVisual Studio noVisual Studio for Mac

Note

This article applies to Visual Studio 2017. If you're looking for the latest Visual Studio documentation, see Visual Studio documentation. We recommend upgrading to the latest version of Visual Studio. Download it here

Item Value
RuleId CA2149
Category Microsoft.Security
Breaking change Breaking

Cause

A method calls a native function through a method stub such as P/Invoke.

Note

This rule has been deprecated. For more information, see Deprecated rules.

Rule description

This rule fires on any transparent method that calls directly into native code, for example, through a P/Invoke. Violations of this rule lead to a MethodAccessException in the level 2 transparency model, and a full demand for UnmanagedCode in the level 1 transparency model.

How to fix violations

To fix a violation of this rule, mark the method that calls the native code with the SecurityCriticalAttribute or SecuritySafeCriticalAttribute attribute.

When to suppress warnings

Do not suppress a warning from this rule.

Example

using System;
using System.Runtime.InteropServices;

namespace TransparencyWarningsDemo
{

    public class CallNativeCodeClass
    {
        [DllImport("kernel32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        static extern bool Beep(uint dwFreq, uint dwDuration);

        public void CallNativeMethod()
        {
            // CA2149 violation - transparent method calling native code
            Beep(10000, 1);
        }
    }

}