-
Notifications
You must be signed in to change notification settings - Fork 4
Gendarme.Rules.Security.Cas.SecureGetObjectDataOverridesRule(2.10)
Sebastien Pouliot edited this page Feb 9, 2011
·
3 revisions
Assembly: Gendarme.Rules.Security.Cas
Version: 2.10
This rule fires if a type implements System.Runtime.Serialization.ISerializable but the GetObjectData method is not protected with a Demand or LinkDemand for SerializationFormatter.
Bad example:
public class Bad : ISerializable {
public override void GetObjectData (SerializationInfo info, StreamingContext context)
{
}
}
Good example:
public class Good : ISerializable {
[SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
public override void GetObjectData (SerializationInfo info, StreamingContext context)
{
}
}
- Before Gendarme 2.2 this rule was part of Gendarme.Rules.Security.
Note that this page was autogenerated (3/17/2011 9:31:58 PM) based on the xmldoc comments inside the rules source code and cannot be edited from this wiki.
Please report any documentation errors, typos or suggestions to the
Gendarme Mailing List. Thanks!