1

An object of this class will be passed to an API call. I implemented the first suggestion from the warning below:

To reduce security risk, marshal field 'Resource.k__BackingField' as Unicode, by setting StructLayout.CharSet on 'Resource' to CharSet.Unicode, or by explicitly marshaling the field as UnmanagedType.LPWStr. If you need to marshal this string as ANSI or system-dependent, specify MarshalAs explicitly, use the BestFitMapping attribute to turn best-fit mapping off, and for added security, to turn ThrowOnUnmappableChar on.

Now my class looks similar to this:

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public class Resource
{
    public string Provider;
}

But FxCop is still throwing the same warning. What does it want?

ajeh
  • 2,652
  • 2
  • 34
  • 65
  • Side note: I'd expect fields instead of properties for object that is used for marshalling... At least it will make `LayoutKind.Sequential` to mean something (rather that let compiler to pick order of fields anyway)... and will give you better error to work with. – Alexei Levenkov Dec 28 '17 at 17:06
  • I am just playing. This will be a field in production. Trying to make the warning go away I also tried converting the field to a property. FxCop would then throw "Do not declare visible instance fields" but that's a non-issue. – ajeh Dec 28 '17 at 17:08

0 Answers0