From 633e04481f21a23d567cf49177f76fbef3a34cfe Mon Sep 17 00:00:00 2001
From: Stephen Toub <stoub@microsoft.com>
Date: Mon, 12 Jul 2021 10:18:04 -0400
Subject: [PATCH] Enable CA1419 (SafeHandle public parameterless ctor) (#55460)

---
 eng/CodeAnalysis.ruleset                               |  1 +
 .../Interop.Keychain.macOS.cs                          |  2 +-
 .../src/Interop/Windows/HttpApi/Interop.HttpApi.cs     |  2 +-
 .../src/Interop/Windows/SspiCli/SecuritySafeHandles.cs |  2 +-
 .../Win32/SafeHandles/Asn1SafeHandles.Unix.cs          |  4 ++--
 .../SafeHandles/GssSafeHandles.PlatformNotSupported.cs |  7 ++++---
 .../Win32/SafeHandles/SafeUnicodeStringHandle.cs       |  2 ++
 .../System/Net/Security/SecurityContextTokenHandle.cs  |  2 +-
 .../System/Net/Security/Unix/SafeDeleteNegoContext.cs  |  2 ++
 .../System/Net/Security/Unix/SafeDeleteSslContext.cs   |  2 ++
 .../System/Net/Security/Unix/SafeFreeCertContext.cs    |  2 ++
 .../Net/Security/Unix/SafeFreeNegoCredentials.cs       |  2 ++
 .../System/Net/Security/Unix/SafeFreeSslCredentials.cs |  2 ++
 .../src/System/Data/Odbc/OdbcConnectionHandle.cs       |  2 ++
 .../src/System/Data/Odbc/OdbcHandle.cs                 |  2 ++
 .../src/System/Data/Odbc/OdbcStatementHandle.cs        |  2 ++
 .../System.Data.Odbc/src/System/Data/Odbc/OdbcUtils.cs |  2 ++
 .../System.Data.OleDb/src/OleDbTransaction.cs          |  2 ++
 src/libraries/System.Data.OleDb/src/OleDbWrapper.cs    |  6 ++++--
 src/libraries/System.Data.OleDb/src/PropertyIDSet.cs   |  2 ++
 src/libraries/System.Data.OleDb/src/PropertyInfoSet.cs |  2 ++
 src/libraries/System.Data.OleDb/src/RowBinding.cs      |  2 ++
 src/libraries/System.Data.OleDb/src/SafeHandles.cs     |  2 ++
 .../src/System/Data/ProviderBase/DbConnectionPool.cs   |  2 +-
 .../DirectoryServices/AccountManagement/AuthZSet.cs    |  5 +++--
 .../DirectoryServices/Protocols/Interop/SafeHandles.cs |  2 ++
 .../Drawing/Drawing2D/SafeCustomLineCapHandle.cs       |  4 ++++
 .../src/System/Net/Http/WinHttpChannelBinding.cs       |  3 ++-
 .../src/System/Net/Windows/HttpServerSessionHandle.cs  |  2 ++
 .../Quic/Implementations/MsQuic/Internal/MsQuicApi.cs  | 10 +++++-----
 .../MsQuic/Interop/SafeMsQuicConfigurationHandle.cs    |  2 +-
 .../MsQuic/Interop/SafeMsQuicConnectionHandle.cs       |  2 +-
 .../MsQuic/Interop/SafeMsQuicListenerHandle.cs         |  2 +-
 .../MsQuic/Interop/SafeMsQuicRegistrationHandle.cs     |  2 +-
 .../MsQuic/Interop/SafeMsQuicStreamHandle.cs           |  2 +-
 .../Net/Security/Pal.Android/SafeDeleteSslContext.cs   |  2 ++
 .../Security/Pal.Managed/SafeChannelBindingHandle.cs   |  2 ++
 .../Net/Security/Pal.Managed/SafeFreeSslCredentials.cs |  2 ++
 .../Net/Security/Pal.OSX/SafeDeleteSslContext.cs       |  2 ++
 .../src/System/Security/SecureString.cs                |  2 ++
 ...m.Private.Runtime.InteropServices.JavaScript.csproj |  1 +
 .../src/System/Security/Cryptography/CngKeyLite.cs     |  2 ++
 .../Win32/SafeHandles/SafeCertContextHandle.cs         |  2 ++
 .../Win32/SafeHandles/SafeProvOrNCryptKeyHandleUwp.cs  |  2 ++
 .../Cryptography/Pal.Windows/Native/SafeHandles.cs     |  2 ++
 .../Microsoft/Win32/SafeHandles/SafePasswordHandle.cs  |  2 ++
 .../Microsoft/Win32/SafeHandles/SafeServiceHandle.cs   |  4 ++++
 47 files changed, 94 insertions(+), 25 deletions(-)

diff --git a/eng/CodeAnalysis.ruleset b/eng/CodeAnalysis.ruleset
index 8faa50e9a6f00..133252bae8f79 100644
--- a/eng/CodeAnalysis.ruleset
+++ b/eng/CodeAnalysis.ruleset
@@ -68,6 +68,7 @@
     <Rule Id="CA1416" Action="Warning" />       <!-- Validate platform compatibility -->
     <Rule Id="CA1417" Action="Warning" />       <!-- Do not use 'OutAttribute' on string parameters for P/Invokes -->
     <Rule Id="CA1418" Action="Warning" />       <!-- Use valid platform string -->
+    <Rule Id="CA1419" Action="Warning" />       <!-- Provide a public parameterless constructor for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' -->
     <Rule Id="CA1501" Action="None" />          <!-- Avoid excessive inheritance -->
     <Rule Id="CA1502" Action="None" />          <!-- Avoid excessive complexity -->
     <Rule Id="CA1505" Action="None" />          <!-- Avoid unmaintainable code -->
diff --git a/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Keychain.macOS.cs b/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Keychain.macOS.cs
index 862760aa2c8de..c93319994bbd5 100644
--- a/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Keychain.macOS.cs
+++ b/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Keychain.macOS.cs
@@ -401,7 +401,7 @@ internal sealed class SafeTemporaryKeychainHandle : SafeKeychainHandle
         private static readonly Dictionary<IntPtr, SafeTemporaryKeychainHandle> s_lookup =
             new Dictionary<IntPtr, SafeTemporaryKeychainHandle>();
 
-        internal SafeTemporaryKeychainHandle()
+        public SafeTemporaryKeychainHandle()
         {
         }
 
diff --git a/src/libraries/Common/src/Interop/Windows/HttpApi/Interop.HttpApi.cs b/src/libraries/Common/src/Interop/Windows/HttpApi/Interop.HttpApi.cs
index e0982d907c687..27c22800a42d5 100644
--- a/src/libraries/Common/src/Interop/Windows/HttpApi/Interop.HttpApi.cs
+++ b/src/libraries/Common/src/Interop/Windows/HttpApi/Interop.HttpApi.cs
@@ -508,7 +508,7 @@ internal sealed class SafeLocalFreeChannelBinding : ChannelBinding
         {
             private int _size;
 
-            private SafeLocalFreeChannelBinding() { }
+            public SafeLocalFreeChannelBinding() { }
 
             public override int Size
             {
diff --git a/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs b/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs
index 0f2cb05603aca..43b718524d1ca 100644
--- a/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs
+++ b/src/libraries/Common/src/Interop/Windows/SspiCli/SecuritySafeHandles.cs
@@ -128,7 +128,7 @@ public static unsafe int QueryContextAttributes(SafeDeleteContext phContext, Int
 
     internal sealed class SafeFreeContextBuffer_SECURITY : SafeFreeContextBuffer
     {
-        internal SafeFreeContextBuffer_SECURITY() : base() { }
+        public SafeFreeContextBuffer_SECURITY() : base() { }
 
         protected override bool ReleaseHandle()
         {
diff --git a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/Asn1SafeHandles.Unix.cs b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/Asn1SafeHandles.Unix.cs
index 193533551bcea..f8b26951cf226 100644
--- a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/Asn1SafeHandles.Unix.cs
+++ b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/Asn1SafeHandles.Unix.cs
@@ -68,7 +68,7 @@ public override bool IsInvalid
 
     internal sealed class SafeSharedAsn1IntegerHandle : SafeInteriorHandle
     {
-        private SafeSharedAsn1IntegerHandle() :
+        public SafeSharedAsn1IntegerHandle() :
             base(IntPtr.Zero, ownsHandle: true)
         {
         }
@@ -76,7 +76,7 @@ internal sealed class SafeSharedAsn1IntegerHandle : SafeInteriorHandle
 
     internal sealed class SafeSharedAsn1OctetStringHandle : SafeInteriorHandle
     {
-        private SafeSharedAsn1OctetStringHandle() :
+        public SafeSharedAsn1OctetStringHandle() :
             base(IntPtr.Zero, ownsHandle: true)
         {
         }
diff --git a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/GssSafeHandles.PlatformNotSupported.cs b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/GssSafeHandles.PlatformNotSupported.cs
index 0c6a8304620ad..20eeb6dfbf818 100644
--- a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/GssSafeHandles.PlatformNotSupported.cs
+++ b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/GssSafeHandles.PlatformNotSupported.cs
@@ -18,7 +18,8 @@ public override bool IsInvalid
         }
 
         protected override bool ReleaseHandle() => throw new PlatformNotSupportedException();
-        private SafeGssNameHandle()
+
+        public SafeGssNameHandle()
             : base(IntPtr.Zero, true)
         {
         }
@@ -27,7 +28,7 @@ private SafeGssNameHandle()
     [UnsupportedOSPlatform("tvos")]
     internal sealed class SafeGssCredHandle : SafeHandle
     {
-        private SafeGssCredHandle()
+        public SafeGssCredHandle()
             : base(IntPtr.Zero, true)
         {
         }
@@ -43,7 +44,7 @@ public override bool IsInvalid
     [UnsupportedOSPlatform("tvos")]
     internal sealed class SafeGssContextHandle : SafeHandle
     {
-        private SafeGssContextHandle()
+        public SafeGssContextHandle()
             : base(IntPtr.Zero, true)
         {
         }
diff --git a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafeUnicodeStringHandle.cs b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafeUnicodeStringHandle.cs
index e58bfd19695ea..0c27a20049577 100644
--- a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafeUnicodeStringHandle.cs
+++ b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafeUnicodeStringHandle.cs
@@ -4,6 +4,8 @@
 using System;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace Microsoft.Win32.SafeHandles
 {
     /// <summary>
diff --git a/src/libraries/Common/src/System/Net/Security/SecurityContextTokenHandle.cs b/src/libraries/Common/src/System/Net/Security/SecurityContextTokenHandle.cs
index 8e889f852afc3..4f4c9951a72ed 100644
--- a/src/libraries/Common/src/System/Net/Security/SecurityContextTokenHandle.cs
+++ b/src/libraries/Common/src/System/Net/Security/SecurityContextTokenHandle.cs
@@ -16,7 +16,7 @@ internal sealed class SecurityContextTokenHandle : CriticalHandleZeroOrMinusOneI
 #endif
         private int _disposed;
 
-        private SecurityContextTokenHandle() : base()
+        public SecurityContextTokenHandle() : base()
         {
         }
 
diff --git a/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs b/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs
index 123a28ace0f49..2e5a0b8560027 100644
--- a/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs
+++ b/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs
@@ -7,6 +7,8 @@
 using System.Text;
 using Microsoft.Win32.SafeHandles;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
     internal sealed class SafeDeleteNegoContext : SafeDeleteContext
diff --git a/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs b/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs
index 9b27cc0d969fd..3f550d36d7f43 100644
--- a/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs
+++ b/src/libraries/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs
@@ -11,6 +11,8 @@
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
     internal sealed class SafeDeleteSslContext : SafeDeleteContext
diff --git a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs
index c5fa820ab9279..ca7438a33b483 100644
--- a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs
+++ b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs
@@ -8,6 +8,8 @@
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
 #if DEBUG
diff --git a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
index 58d1942829e52..fef571d5f7dbd 100644
--- a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
+++ b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
@@ -7,6 +7,8 @@
 using System.Text;
 using Microsoft.Win32.SafeHandles;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
     internal sealed class SafeFreeNegoCredentials : SafeFreeCredentials
diff --git a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs
index 8867027d07042..ff378ab425139 100644
--- a/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs
+++ b/src/libraries/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs
@@ -10,6 +10,8 @@
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
     internal sealed class SafeFreeSslCredentials : SafeFreeCredentials
diff --git a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcConnectionHandle.cs b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcConnectionHandle.cs
index 6cd776f00fa2f..b2c7ee7cb3362 100644
--- a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcConnectionHandle.cs
+++ b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcConnectionHandle.cs
@@ -6,6 +6,8 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.ConstrainedExecution;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.Odbc
 {
     internal sealed class OdbcConnectionHandle : OdbcHandle
diff --git a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcHandle.cs b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcHandle.cs
index 77900ae013f17..a5432b8240539 100644
--- a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcHandle.cs
+++ b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcHandle.cs
@@ -7,6 +7,8 @@
 using System.Runtime.InteropServices;
 using System.Text;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.Odbc
 {
     internal abstract class OdbcHandle : SafeHandle
diff --git a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcStatementHandle.cs b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcStatementHandle.cs
index 871478cae5014..f8384b7a20b47 100644
--- a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcStatementHandle.cs
+++ b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcStatementHandle.cs
@@ -4,6 +4,8 @@
 using System.Data.Common;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.Odbc
 {
     internal readonly struct SQLLEN
diff --git a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcUtils.cs b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcUtils.cs
index 370bb9771dc83..6df1b3c9ec9d5 100644
--- a/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcUtils.cs
+++ b/src/libraries/System.Data.Odbc/src/System/Data/Odbc/OdbcUtils.cs
@@ -6,6 +6,8 @@
 using System.Runtime.InteropServices;
 using System.Text;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.Odbc
 {
     internal sealed class CNativeBuffer : System.Data.ProviderBase.DbBuffer
diff --git a/src/libraries/System.Data.OleDb/src/OleDbTransaction.cs b/src/libraries/System.Data.OleDb/src/OleDbTransaction.cs
index 2181a6cbe75af..4a169181f2b59 100644
--- a/src/libraries/System.Data.OleDb/src/OleDbTransaction.cs
+++ b/src/libraries/System.Data.OleDb/src/OleDbTransaction.cs
@@ -7,6 +7,8 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     public sealed class OleDbTransaction : DbTransaction
diff --git a/src/libraries/System.Data.OleDb/src/OleDbWrapper.cs b/src/libraries/System.Data.OleDb/src/OleDbWrapper.cs
index 23ef6c6b0d495..bc458f68223e2 100644
--- a/src/libraries/System.Data.OleDb/src/OleDbWrapper.cs
+++ b/src/libraries/System.Data.OleDb/src/OleDbWrapper.cs
@@ -7,6 +7,8 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     // SafeHandle wrapper around 'DataLinks' object which pools the native OLE DB providers.
@@ -92,7 +94,7 @@ internal sealed class DataSourceWrapper : WrappedIUnknown
         // we expect to store IDBInitialize instance pointer in base.handle
 
         // construct a DataSourceWrapper and used as a ref parameter to GetDataSource
-        internal DataSourceWrapper() : base()
+        public DataSourceWrapper() : base()
         {
         }
 
@@ -229,7 +231,7 @@ internal sealed class SessionWrapper : WrappedIUnknown
         // since we maintain an AddRef on IDBCreateCommand it is safe to use the delegate without rechecking its function pointer
         private UnsafeNativeMethods.IDBCreateCommandCreateCommand? DangerousIDBCreateCommandCreateCommand;
 
-        internal SessionWrapper() : base()
+        public SessionWrapper() : base()
         {
         }
 
diff --git a/src/libraries/System.Data.OleDb/src/PropertyIDSet.cs b/src/libraries/System.Data.OleDb/src/PropertyIDSet.cs
index 52b854cd0dc6f..5aca3735e5591 100644
--- a/src/libraries/System.Data.OleDb/src/PropertyIDSet.cs
+++ b/src/libraries/System.Data.OleDb/src/PropertyIDSet.cs
@@ -5,6 +5,8 @@
 using System.Data.ProviderBase;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     internal sealed class PropertyIDSet : DbBuffer
diff --git a/src/libraries/System.Data.OleDb/src/PropertyInfoSet.cs b/src/libraries/System.Data.OleDb/src/PropertyInfoSet.cs
index 60b44bab7de48..67f95789eb04a 100644
--- a/src/libraries/System.Data.OleDb/src/PropertyInfoSet.cs
+++ b/src/libraries/System.Data.OleDb/src/PropertyInfoSet.cs
@@ -7,6 +7,8 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     internal sealed class OleDbPropertyInfo
diff --git a/src/libraries/System.Data.OleDb/src/RowBinding.cs b/src/libraries/System.Data.OleDb/src/RowBinding.cs
index 7f94bf563d5f1..75312475fcdd7 100644
--- a/src/libraries/System.Data.OleDb/src/RowBinding.cs
+++ b/src/libraries/System.Data.OleDb/src/RowBinding.cs
@@ -6,6 +6,8 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     internal sealed class RowBinding : System.Data.ProviderBase.DbBuffer
diff --git a/src/libraries/System.Data.OleDb/src/SafeHandles.cs b/src/libraries/System.Data.OleDb/src/SafeHandles.cs
index d435f7f45bcd1..edd87806063a0 100644
--- a/src/libraries/System.Data.OleDb/src/SafeHandles.cs
+++ b/src/libraries/System.Data.OleDb/src/SafeHandles.cs
@@ -9,6 +9,8 @@
 using System.Runtime.Versioning;
 using static System.Data.Common.UnsafeNativeMethods;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Data.OleDb
 {
     internal sealed class DualCoTaskMem : SafeHandle
diff --git a/src/libraries/System.Data.OleDb/src/System/Data/ProviderBase/DbConnectionPool.cs b/src/libraries/System.Data.OleDb/src/System/Data/ProviderBase/DbConnectionPool.cs
index e411fc550101f..521ea909f11da 100644
--- a/src/libraries/System.Data.OleDb/src/System/Data/ProviderBase/DbConnectionPool.cs
+++ b/src/libraries/System.Data.OleDb/src/System/Data/ProviderBase/DbConnectionPool.cs
@@ -233,7 +233,7 @@ private sealed class PoolWaitHandles : DbBuffer
 
             private readonly int _releaseFlags;
 
-            internal PoolWaitHandles() : base(3 * IntPtr.Size)
+            public PoolWaitHandles() : base(3 * IntPtr.Size)
             {
                 bool mustRelease1 = false, mustRelease2 = false, mustRelease3 = false;
 
diff --git a/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/AuthZSet.cs b/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/AuthZSet.cs
index 4c6491929ad38..56edd76877c0f 100644
--- a/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/AuthZSet.cs
+++ b/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/AuthZSet.cs
@@ -566,8 +566,9 @@ public override void Dispose()
         //
         private sealed class SafeMemoryPtr : SafeHandle
         {
-            private SafeMemoryPtr() : base(IntPtr.Zero, true)
-            { }
+            public SafeMemoryPtr() : base(IntPtr.Zero, true)
+            {
+            }
 
             internal SafeMemoryPtr(IntPtr handle) : base(IntPtr.Zero, true)
             {
diff --git a/src/libraries/System.DirectoryServices.Protocols/src/System/DirectoryServices/Protocols/Interop/SafeHandles.cs b/src/libraries/System.DirectoryServices.Protocols/src/System/DirectoryServices/Protocols/Interop/SafeHandles.cs
index 3dc2a589a8d5d..4f2ac1c3086cf 100644
--- a/src/libraries/System.DirectoryServices.Protocols/src/System/DirectoryServices/Protocols/Interop/SafeHandles.cs
+++ b/src/libraries/System.DirectoryServices.Protocols/src/System/DirectoryServices/Protocols/Interop/SafeHandles.cs
@@ -4,6 +4,8 @@
 using System.Runtime.InteropServices;
 using Microsoft.Win32.SafeHandles;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.DirectoryServices.Protocols
 {
     internal sealed class HGlobalMemHandle : SafeHandleZeroOrMinusOneIsInvalid
diff --git a/src/libraries/System.Drawing.Common/src/System/Drawing/Drawing2D/SafeCustomLineCapHandle.cs b/src/libraries/System.Drawing.Common/src/System/Drawing/Drawing2D/SafeCustomLineCapHandle.cs
index beb8d42bb6ff5..b01b88392b94f 100644
--- a/src/libraries/System.Drawing.Common/src/System/Drawing/Drawing2D/SafeCustomLineCapHandle.cs
+++ b/src/libraries/System.Drawing.Common/src/System/Drawing/Drawing2D/SafeCustomLineCapHandle.cs
@@ -11,6 +11,10 @@ namespace System.Drawing.Drawing2D
 {
     internal sealed class SafeCustomLineCapHandle : SafeHandle
     {
+        public SafeCustomLineCapHandle() : base(IntPtr.Zero, true)
+        {
+        }
+
         // Create a SafeHandle, informing the base class
         // that this SafeHandle instance "owns" the handle,
         // and therefore SafeHandle should call
diff --git a/src/libraries/System.Net.Http.WinHttpHandler/src/System/Net/Http/WinHttpChannelBinding.cs b/src/libraries/System.Net.Http.WinHttpHandler/src/System/Net/Http/WinHttpChannelBinding.cs
index 5e862724d0e7f..8011f2859d0db 100644
--- a/src/libraries/System.Net.Http.WinHttpHandler/src/System/Net/Http/WinHttpChannelBinding.cs
+++ b/src/libraries/System.Net.Http.WinHttpHandler/src/System/Net/Http/WinHttpChannelBinding.cs
@@ -5,9 +5,10 @@
 using System.Runtime.InteropServices;
 using System.Security.Authentication.ExtendedProtection;
 using System.Text;
-
 using SafeWinHttpHandle = Interop.WinHttp.SafeWinHttpHandle;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Http
 {
     internal sealed class WinHttpChannelBinding : ChannelBinding
diff --git a/src/libraries/System.Net.HttpListener/src/System/Net/Windows/HttpServerSessionHandle.cs b/src/libraries/System.Net.HttpListener/src/System/Net/Windows/HttpServerSessionHandle.cs
index 671eae6386b5d..f180fefecd115 100644
--- a/src/libraries/System.Net.HttpListener/src/System/Net/Windows/HttpServerSessionHandle.cs
+++ b/src/libraries/System.Net.HttpListener/src/System/Net/Windows/HttpServerSessionHandle.cs
@@ -4,6 +4,8 @@
 using Microsoft.Win32.SafeHandles;
 using System.Threading;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net
 {
     //
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
index 2bf1b9b1955e8..cba34f6dbbaff 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Internal/MsQuicApi.cs
@@ -16,11 +16,11 @@ internal unsafe sealed class MsQuicApi
         // This is workaround for a bug in ILTrimmer.
         // Without these DynamicDependency attributes, .ctor() will be removed from the safe handles.
         // Remove once fixed: https://github.com/mono/linker/issues/1660
-        [DynamicDependency(DynamicallyAccessedMemberTypes.NonPublicConstructors, typeof(SafeMsQuicRegistrationHandle))]
-        [DynamicDependency(DynamicallyAccessedMemberTypes.NonPublicConstructors, typeof(SafeMsQuicConfigurationHandle))]
-        [DynamicDependency(DynamicallyAccessedMemberTypes.NonPublicConstructors, typeof(SafeMsQuicListenerHandle))]
-        [DynamicDependency(DynamicallyAccessedMemberTypes.NonPublicConstructors, typeof(SafeMsQuicConnectionHandle))]
-        [DynamicDependency(DynamicallyAccessedMemberTypes.NonPublicConstructors, typeof(SafeMsQuicStreamHandle))]
+        [DynamicDependency(DynamicallyAccessedMemberTypes.PublicConstructors, typeof(SafeMsQuicRegistrationHandle))]
+        [DynamicDependency(DynamicallyAccessedMemberTypes.PublicConstructors, typeof(SafeMsQuicConfigurationHandle))]
+        [DynamicDependency(DynamicallyAccessedMemberTypes.PublicConstructors, typeof(SafeMsQuicListenerHandle))]
+        [DynamicDependency(DynamicallyAccessedMemberTypes.PublicConstructors, typeof(SafeMsQuicConnectionHandle))]
+        [DynamicDependency(DynamicallyAccessedMemberTypes.PublicConstructors, typeof(SafeMsQuicStreamHandle))]
         private MsQuicApi(NativeApi* vtable)
         {
             uint status;
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConfigurationHandle.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConfigurationHandle.cs
index f80f33f53ae49..df48e0db377ae 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConfigurationHandle.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConfigurationHandle.cs
@@ -21,7 +21,7 @@ internal sealed class SafeMsQuicConfigurationHandle : SafeHandle
 
         public override bool IsInvalid => handle == IntPtr.Zero;
 
-        private SafeMsQuicConfigurationHandle()
+        public SafeMsQuicConfigurationHandle()
             : base(IntPtr.Zero, ownsHandle: true)
         { }
 
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConnectionHandle.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConnectionHandle.cs
index 74f806c9818b0..9354ce04a18e9 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConnectionHandle.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicConnectionHandle.cs
@@ -9,7 +9,7 @@ internal sealed class SafeMsQuicConnectionHandle : SafeHandle
     {
         public override bool IsInvalid => handle == IntPtr.Zero;
 
-        private SafeMsQuicConnectionHandle()
+        public SafeMsQuicConnectionHandle()
             : base(IntPtr.Zero, ownsHandle: true)
         { }
 
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicListenerHandle.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicListenerHandle.cs
index 87e59b69a2205..f0f75556921c3 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicListenerHandle.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicListenerHandle.cs
@@ -9,7 +9,7 @@ internal sealed class SafeMsQuicListenerHandle : SafeHandle
     {
         public override bool IsInvalid => handle == IntPtr.Zero;
 
-        private SafeMsQuicListenerHandle()
+        public SafeMsQuicListenerHandle()
             : base(IntPtr.Zero, ownsHandle: true)
         { }
 
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicRegistrationHandle.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicRegistrationHandle.cs
index d9c6e7c70adc4..798636bd7e431 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicRegistrationHandle.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicRegistrationHandle.cs
@@ -9,7 +9,7 @@ internal sealed class SafeMsQuicRegistrationHandle : SafeHandle
     {
         public override bool IsInvalid => handle == IntPtr.Zero;
 
-        private SafeMsQuicRegistrationHandle()
+        public SafeMsQuicRegistrationHandle()
             : base(IntPtr.Zero, ownsHandle: true)
         { }
 
diff --git a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicStreamHandle.cs b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicStreamHandle.cs
index 3037f60956a70..179bdd3d15e1c 100644
--- a/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicStreamHandle.cs
+++ b/src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/Interop/SafeMsQuicStreamHandle.cs
@@ -9,7 +9,7 @@ internal sealed class SafeMsQuicStreamHandle : SafeHandle
     {
         public override bool IsInvalid => handle == IntPtr.Zero;
 
-        private SafeMsQuicStreamHandle()
+        public SafeMsQuicStreamHandle()
             : base(IntPtr.Zero, ownsHandle: true)
         { }
 
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Android/SafeDeleteSslContext.cs b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Android/SafeDeleteSslContext.cs
index b0177cbc43232..99cb5fa68cf97 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Android/SafeDeleteSslContext.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Android/SafeDeleteSslContext.cs
@@ -13,6 +13,8 @@
 using PAL_KeyAlgorithm = Interop.AndroidCrypto.PAL_KeyAlgorithm;
 using PAL_SSLStreamStatus = Interop.AndroidCrypto.PAL_SSLStreamStatus;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net
 {
     internal sealed class SafeDeleteSslContext : SafeDeleteContext
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeChannelBindingHandle.cs b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeChannelBindingHandle.cs
index 0308355c8898f..e65b0aacde225 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeChannelBindingHandle.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeChannelBindingHandle.cs
@@ -6,6 +6,8 @@
 using System.Security.Authentication.ExtendedProtection;
 using System.Text;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net.Security
 {
     internal sealed class SafeChannelBindingHandle : ChannelBinding
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeFreeSslCredentials.cs b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeFreeSslCredentials.cs
index 24a4e7be7843a..c047b88e5c521 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeFreeSslCredentials.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.Managed/SafeFreeSslCredentials.cs
@@ -6,6 +6,8 @@
 using System.Security.Authentication;
 using System.Security.Cryptography.X509Certificates;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net
 {
     internal sealed class SafeFreeSslCredentials : SafeFreeCredentials
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.OSX/SafeDeleteSslContext.cs b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.OSX/SafeDeleteSslContext.cs
index 44c8757c51e82..9b4cef4873dd0 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/Pal.OSX/SafeDeleteSslContext.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/Pal.OSX/SafeDeleteSslContext.cs
@@ -9,6 +9,8 @@
 using System.Security.Cryptography.X509Certificates;
 using Microsoft.Win32.SafeHandles;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace System.Net
 {
     internal sealed class SafeDeleteSslContext : SafeDeleteContext
diff --git a/src/libraries/System.Private.CoreLib/src/System/Security/SecureString.cs b/src/libraries/System.Private.CoreLib/src/System/Security/SecureString.cs
index 3f1cf733cb6b3..721c74149ca0a 100644
--- a/src/libraries/System.Private.CoreLib/src/System/Security/SecureString.cs
+++ b/src/libraries/System.Private.CoreLib/src/System/Security/SecureString.cs
@@ -429,7 +429,9 @@ private sealed class UnmanagedBuffer : SafeBuffer
             // A local copy of byte length to be able to access it in ReleaseHandle without the risk of throwing exceptions
             private int _byteLength;
 
+#pragma warning disable CA1419 // not intended for use with P/Invoke
             private UnmanagedBuffer() : base(true) { }
+#pragma warning restore CA1419
 
             public static UnmanagedBuffer Allocate(int byteLength)
             {
diff --git a/src/libraries/System.Private.Runtime.InteropServices.JavaScript/src/System.Private.Runtime.InteropServices.JavaScript.csproj b/src/libraries/System.Private.Runtime.InteropServices.JavaScript/src/System.Private.Runtime.InteropServices.JavaScript.csproj
index 08f018bc7149a..9d779477a880f 100644
--- a/src/libraries/System.Private.Runtime.InteropServices.JavaScript/src/System.Private.Runtime.InteropServices.JavaScript.csproj
+++ b/src/libraries/System.Private.Runtime.InteropServices.JavaScript/src/System.Private.Runtime.InteropServices.JavaScript.csproj
@@ -3,6 +3,7 @@
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
     <Nullable>enable</Nullable>
     <TargetFrameworks>$(NetCoreAppCurrent)-Browser</TargetFrameworks>
+    <NoWarn>$(NoWarn);CA1419</NoWarn> <!-- // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke -->
   </PropertyGroup>
   <ItemGroup Condition="'$(TargetsBrowser)' == 'true'">
     <Compile Include="$(CommonPath)Interop\Browser\Interop.Runtime.cs" Link="Common\Interop\Browser\Interop.Runtime.cs" />
diff --git a/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/CngKeyLite.cs b/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/CngKeyLite.cs
index c7c38e7bcc4ca..3670b98ffc049 100644
--- a/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/CngKeyLite.cs
+++ b/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/CngKeyLite.cs
@@ -724,6 +724,8 @@ internal sealed class SafeNCryptSecretHandle : SafeNCryptHandle
     {
     }
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
     internal sealed class DuplicateSafeNCryptKeyHandle : SafeNCryptKeyHandle
     {
         public DuplicateSafeNCryptKeyHandle(SafeNCryptKeyHandle original)
diff --git a/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeCertContextHandle.cs b/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeCertContextHandle.cs
index 50293c45860b1..5496b23d1bb97 100644
--- a/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeCertContextHandle.cs
+++ b/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeCertContextHandle.cs
@@ -7,6 +7,8 @@
 
 using static Interop.Crypt32;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace Microsoft.Win32.SafeHandles
 {
     internal sealed class SafeCertContextHandle : SafeHandle
diff --git a/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeProvOrNCryptKeyHandleUwp.cs b/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeProvOrNCryptKeyHandleUwp.cs
index a1ac99fff1249..884bf569481be 100644
--- a/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeProvOrNCryptKeyHandleUwp.cs
+++ b/src/libraries/System.Security.Cryptography.Pkcs/src/Microsoft/Win32/SafeHandles/SafeProvOrNCryptKeyHandleUwp.cs
@@ -7,6 +7,8 @@
 
 using ErrorCode = Interop.NCrypt.ErrorCode;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace Microsoft.Win32.SafeHandles
 {
     //
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/SafeHandles.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/SafeHandles.cs
index 4c3ba2011b679..0f67d4244f6cd 100644
--- a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/SafeHandles.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/SafeHandles.cs
@@ -7,6 +7,8 @@
 using System.Runtime.InteropServices;
 using System.Security.Cryptography;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace Internal.Cryptography.Pal.Native
 {
     /// <summary>
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/Microsoft/Win32/SafeHandles/SafePasswordHandle.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/Microsoft/Win32/SafeHandles/SafePasswordHandle.cs
index 6ebaa978de95e..f528eae37b0f8 100644
--- a/src/libraries/System.Security.Cryptography.X509Certificates/src/Microsoft/Win32/SafeHandles/SafePasswordHandle.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/Microsoft/Win32/SafeHandles/SafePasswordHandle.cs
@@ -5,6 +5,8 @@
 using System.Runtime.InteropServices;
 using System.Security;
 
+#pragma warning disable CA1419 // TODO https://github.com/dotnet/roslyn-analyzers/issues/5232: not intended for use with P/Invoke
+
 namespace Microsoft.Win32.SafeHandles
 {
     /// <summary>
diff --git a/src/libraries/System.ServiceProcess.ServiceController/src/Microsoft/Win32/SafeHandles/SafeServiceHandle.cs b/src/libraries/System.ServiceProcess.ServiceController/src/Microsoft/Win32/SafeHandles/SafeServiceHandle.cs
index 48f0392789609..77b1ea855baeb 100644
--- a/src/libraries/System.ServiceProcess.ServiceController/src/Microsoft/Win32/SafeHandles/SafeServiceHandle.cs
+++ b/src/libraries/System.ServiceProcess.ServiceController/src/Microsoft/Win32/SafeHandles/SafeServiceHandle.cs
@@ -11,6 +11,10 @@ namespace Microsoft.Win32.SafeHandles
     /// </summary>
     internal sealed class SafeServiceHandle : SafeHandle
     {
+        public SafeServiceHandle() : base(IntPtr.Zero, true)
+        {
+        }
+
         internal SafeServiceHandle(IntPtr handle) : base(IntPtr.Zero, true)
         {
             SetHandle(handle);