-
Notifications
You must be signed in to change notification settings - Fork 4
Gendarme.Rules.Security.Cas.SecureGetObjectDataOverridesRule(git)
Sebastien Pouliot edited this page Mar 2, 2011
·
1 revision
Assembly: Gendarme.Rules.Security.Cas
Version: git
This rule fires if a type implements System.Runtime.Serialization.ISerializable but the GetObjectData method is not protected with a Demand or LinkDemand for SerializationFormatter.
Bad example:
public class Bad : ISerializable {
public override void GetObjectData (SerializationInfo info, StreamingContext context)
{
}
}
Good example:
public class Good : ISerializable {
[SecurityPermission (SecurityAction.LinkDemand, SerializationFormatter = true)]
public override void GetObjectData (SerializationInfo info, StreamingContext context)
{
}
}
- Before Gendarme 2.2 this rule was part of Gendarme.Rules.Security.
You can browse the latest source code of this rule on github.com
Note that this page was autogenerated (3/17/2011 1:55:44 PM) based on the xmldoc comments inside the rules source code and cannot be edited from this wiki.
Please report any documentation errors, typos or suggestions to the
Gendarme Mailing List. Thanks!