This is _not_ a good Dispose() call :)

[the-exodus]

This is not really a huge issue, but the provided example in csharp/ql/src/API Abuse/MissingDisposeCallGood.cs is actually quite bad, as it can lead to all kinds of pointer-related issues (anything from a mysterious crashes to arbitrary code execution).

As you're a security-focused code analysis service, I really think a proper implementation of the Disposable-pattern would be in order :)

class MyClass : IDisposable
{
   bool disposed = false;

   public void Dispose()
   { 
      Dispose(true);
      GC.SuppressFinalize(this);           
   }

   protected virtual void Dispose(bool disposing)
   {
      if (disposed)
         return; 
      
      if (disposing) {
    // free any managed objects
      }
      
      // Free any unmanaged objects
      disposed = true;
   }

   ~MyClass()
   {
      Dispose(false);
   }
} 

[calumgrant]

Hi there! Many thanks for your feedback.

Having reviewed the documentation in question, I agree that the documentation should be improved. In particular, the class should have been sealed to avoid problems of overriding the Dispose method. The reason we didn't use the dispose pattern is because it would have cluttered the sample, however it has given us a great idea for a new query, which is to find places where the dispose pattern should have been used.