CA2149: Transparent methods must not call into native code

Item Value
RuleId CA2149
Category Microsoft.Security
Breaking change Breaking

Cause

A method calls a native function through a method stub such as P/Invoke.

Note

This rule has been deprecated. For more information, see Deprecated rules.

Rule description

This rule fires on any transparent method that calls directly into native code, for example, through a P/Invoke. Violations of this rule lead to a MethodAccessException in the level 2 transparency model, and a full demand for UnmanagedCode in the level 1 transparency model.

How to fix violations

To fix a violation of this rule, mark the method that calls the native code with the SecurityCriticalAttribute or SecuritySafeCriticalAttribute attribute.

When to suppress warnings

Do not suppress a warning from this rule.

Example

using System;
using System.Runtime.InteropServices;

namespace TransparencyWarningsDemo
{

    public class CallNativeCodeClass
    {
        [DllImport("kernel32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        static extern bool Beep(uint dwFreq, uint dwDuration);

        public void CallNativeMethod()
        {
            // CA2149 violation - transparent method calling native code
            Beep(10000, 1);
        }
    }

}