| title | description | ms.date | ms.topic | f1_keywords | helpviewer_keywords | author | ms.author | manager | ms.subservice | monikerRange | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CA2123: Override link demands should be identical to base |
A public or protected method in a public type overrides a method or implements an interface, and does not have the same LinkDemand as the interface or virtual method. |
11/04/2016 |
reference |
|
|
mikejo5000 |
mikejo |
mijacobs |
code-analysis |
vs-2019 |
| Item | Value |
|---|---|
| RuleId | CA2123 |
| Category | Microsoft.Security |
| Breaking change | Breaking |
A public or protected method in a public type overrides a method or implements an interface, and does not have the same Link Demands as the interface or virtual method.
Note
This rule has been deprecated. For more information, see Deprecated rules.
This rule matches a method to its base method, which is either an interface or a virtual method in another type, and then compares the link demands on each. A violation is reported if either the method or the base method has a link demand and the other does not.
If this rule is violated, a malicious caller can bypass the link demand merely by calling the unsecured method.
To fix a violation of this rule, apply the same link demand to the override method or implementation. If this is not possible, mark the method with a full demand or remove the attribute altogether.
Do not suppress a warning from this rule.
The following example shows various violations of this rule.
:::code language="csharp" source="../snippets/csharp/VS_Snippets_CodeAnalysis/FxCop.Security.OverridesAndSecurity/cs/FxCop.Security.OverridesAndSecurity.cs" id="Snippet1":::