CS.SV.TYPE

Security critical types may not participate in type equivalence.

This rule fires on any critical types or types that contain critical methods or fields that are participating in type equivalence. When the CLR detects such a type, it fails to load it with a TypeLoadException at run time. Typically, this rule fires only when users implement type equivalence manually rather than by relying on tlbimp and the compilers to do the type equivalence.

Mitigation and prevention

To fix a violation of this rule, remove the SecurityCritical attribute.

Vulnerable code example

Copy

2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
  using System;
  using System.Security;
  using System.Runtime.InteropServices;
  
  [assembly: SecurityRules(SecurityRuleSet.Level2)]
  [assembly: AllowPartiallyTrustedCallers]
  
  namespace TransparencyWarningsDemo
 {
 
     // CA2131 error - critical type participating in equivilance
     [SecurityCritical]
     [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ICriticalEquivilentInterface")]
     public interface ICriticalEquivilentInterface
     {
         void Method1();
     }
 
     [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ITransparentEquivilentInterface")]
     public interface ITransparentEquivilentInterface
     {
         // CA2131 error - critical method in a type participating in equivilance
         [SecurityCritical]
         void CriticalMethod();
     }
 
     [SecurityCritical]
     [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ICriticalEquivilentInterface")]
     public struct EquivilentStruct
     {
         // CA2131 error - critical field in a type participating in equivalence
         [SecurityCritical]
         public int CriticalField;
     }
 }

The examples demonstrate an interface, a method, and a field that will cause this rule to fire.

CS.SV.TYPE_EQVL

Mitigation and prevention

Vulnerable code example