Stack Overflow
Stack Overflow

Questions tagged [fxcop]

Microsoft's free static analysis tool for analyzing .NET managed code assemblies.

FxCop can be used to find coding design issues quickly and early, comes with switchable rulesets, and supports the creation of custom rules.

Available with certain versions of Visual Studio and as part of the Windows 7 SDK, available here.

749 questions
6
votes
4 answers

Why is FxCop warning about an overflow (CA2233) in this C# code?

I have the following function to get an int from a high-byte and a low-byte: public static int FromBytes(byte high, byte low) { return high * (byte.MaxValue + 1) + low; } When I analyze the assembly with FxCop, I get the following critical…
Matthew King
  • 5,114
  • 4
  • 36
  • 50
6
votes
2 answers

FxCop (or equivalent) for non-.Net C++ code

Is there a way to get FxCop to analyze unmanaged C++ code? Setting the /clr flag allowed FxCop to open the .exe. It find a LOT of C++ items, but the analysis on the code is very weak. For example, the following code was skipped: int i=0; if…
User1
  • 39,458
  • 69
  • 187
  • 265
6
votes
1 answer

Is there a FxCop rule for local used IDisposable's?

... if I use an IDisposable in a local variable, but do not call Dispose() or use the using() pattern. public void BadMethod() { var fs = new FileStream("file.txt", FileMode.Create); fs.WriteByte(0x55); // no dispose, no using() } Just…
ulrichb
  • 19,610
  • 8
  • 73
  • 87
6
votes
1 answer

Does Code Analysis support defining two languages for mixed language Spell Checking?

Using the tip provided by José Adan at http://social.msdn.microsoft.com/Forums/en-US/vstscode/thread/f6dec8c4-9752-4a9b-82fe-0822808fd386/ I was able to get Code Analysis to do spell checking in Brazilian Portuguese. It's a common practice to mix…
Alfred Myers
  • 6,384
  • 1
  • 40
  • 68
6
votes
2 answers

Custom static code analysis rules in FxCop or StyleCop?

If writing my own static code analysis rules (for C# code), what are the pros and cons of using StyleCop vs FxCop? Is one more appropriate for certain type of analysis than the other? Or is the difference between the two that one runs on the source…
Matt Lacey
  • 65,560
  • 11
  • 91
  • 143
6
votes
3 answers

Automatically verify some threading restrictions? (C#)

Our codebase has a lot of threading restrictions encoded in comments - such as: This class is thread-safe (all public methods may be safely accessed from any thread) Must hold a lock on "xyz" to access/invoke any public members Must only be…
Roman Starkov
  • 59,298
  • 38
  • 251
  • 324
6
votes
2 answers

CA2227 and ASP.NET Model Binding

Lately, I've been working on enabling more of the Visual Studio code analysis rules in my projects. However, I keep bumping into rule CA2227: "Collection properties should be read only". Say I have a model class like this: public class Foo { …
AlexLostDba
  • 73
  • 3
6
votes
1 answer

FxCop custom rules don't have a name in VS2012 (but "official" rules have a name)

I'm trying to migrate our custom FxCop (= Code Analysis) rules from Visual Studio 2010 to Visual Studio 2012. So far, they work fine except for one thing: their name is blank in the results window (View -> Other windows -> Code Analysis), only the…
Suzanne Soy
  • 3,027
  • 6
  • 38
  • 56
6
votes
2 answers

Clicking on FxCop results in Jenkins Violations plugin leads to blank page

I have a Jenkins job where I specify something like the following FxCop command: FxCopCmd.exe"/file:"test.dll" /out:"FxCop_Output.xml" /ignoregeneratedcode /project:"C:\Jenkins\extra\Modified_Rules.FxCop" /s /searchgac When the Jenkins job is run…
jeff_hughes
  • 101
  • 8
6
votes
2 answers

StyleCop and FxCop rules exclude each other

I'm using StyleCop and FxCop tools to improve my code but I came to a place where there are two rules, one in StyleCop and one in FxCop that exclude each other. If I fix my code to match the rule from StyleCop then FxCop validation fails and vice…
RaYell
  • 69,610
  • 20
  • 126
  • 152
6
votes
1 answer

Why does Code analysis differ between Cassini and IIS Express for Web Sites?

ISSUE DETAILS We're moving to use IIS Express instead of Cassini and I noticed that Code Analysis isn't returning the same results. On one site we have where we started using code analysis late in the game the results are 423 warnings with Cassini…
WebMambo
  • 61
  • 2
6
votes
2 answers

what does this security warning mean (.Net Process class)?

I am using VSTS 2008 + .Net 2.0 + C#. And I am running Code Analysis after build. I got the following confusing security warning. Here is the warning and related code, any ideas what is wrong? If there is security warning, how to fix…
George2
  • 44,761
  • 110
  • 317
  • 455
6
votes
2 answers

Using FXCop in your project

Are there a lot of IT shops utilizing FxCop for writing production code? If so, what was/is your overall experience implementing it in terms of culture shift, pain points, and tangible benefits? I am in an environment that is somewhat chaotic and…
Zaffiro
  • 4,834
  • 5
  • 36
  • 47
5
votes
1 answer

How to get FxCop have the same set of rules as that of Visual Studio Code Analysis?

Yesterday I posted a question here ( FxCop and Code Analysis Rules ) about getting FxCop to run the same rules as Code Analysis and I thought it was resolved. However it seems like there's no real way to get FxCop to run the same exact set of rules…
Hungry Beast
  • 3,677
  • 7
  • 49
  • 75
5
votes
5 answers

FxCop for SQL Server - Tool to analyze SQL Server databases for potential issues

Is there a tool out there that can analyse SQL Server databases for potential problems? For example: a foreign key column that is not indexed an index on a uniqueidentifier column that has no FILL FACTOR a LastModifiedDate DATETIME column that has…
Ian Boyd
  • 246,734
  • 253
  • 869
  • 1,219
1 2 3
49 50