Skip to content

Latest commit

 

History

History
50 lines (31 loc) · 2.78 KB

clrunmanagedcodecheck-add-suppressunmanagedcodesecurityattribute.md

File metadata and controls

50 lines (31 loc) · 2.78 KB
title ms.date ms.topic f1_keywords helpviewer_keywords ms.assetid author ms.author
/CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)
09/27/2018
reference
/CLRUNMANAGEDCODECHECK
-CLRUNMANAGEDCODECHECK linker option
/CLRUNMANAGEDCODECHECK linker option
73abc426-dab0-45e2-be85-0f9a14206cc2
corob-msft
corob

/CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)

/CLRUNMANAGEDCODECHECK specifies that the linker does not apply xref:System.Security.SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls from managed code into native DLLs.

Syntax

/CLRUNMANAGEDCODECHECK[:NO]

Remarks

By default, the linker applies the SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls. When /CLRUNMANAGEDCODECHECK is in effect, SuppressUnmanagedCodeSecurityAttribute is removed. To explicitly apply the SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls, you can use /CLRUNMANAGEDCODECHECK:NO.

The linker only adds the attribute to objects that are compiled using /clr or /clr:pure. However, the /clr:pure compiler option is deprecated in Visual Studio 2015 and unsupported in Visual Studio 2017.

A PInvoke call is generated by the linker when the linker cannot find a managed symbol to satisfy a reference from a managed caller but can find a native symbol to satisfy that reference. For more information about PInvoke, see Calling Native Functions from Managed Code.

Note that if you use xref:System.Security.AllowPartiallyTrustedCallersAttribute in your code, you should explicitly set /CLRUNMANAGEDCODECHECK to remove the SuppressUnmanagedCodeSecurity attribute. It is a potential security vulnerability if an image contains both the SuppressUnmanagedCodeSecurity and AllowPartiallyTrustedCallers attributes.

See Secure Coding Guidelines for Unmanaged Code for more information about the implications of using SuppressUnmanagedCodeSecurityAttribute.

To set this linker option in the Visual Studio development environment

  1. Open the project's Property Pages dialog box. For details, see Set compiler and build properties.

  2. Expand the Configuration Properties node.

  3. Expand the Linker node.

  4. Select the Advanced property page.

  5. Modify the CLR Unmanaged Code Check property.

To set this linker option programmatically

  1. See xref:Microsoft.VisualStudio.VCProjectEngine.VCLinkerTool.CLRUnmanagedCodeCheck%2A.

See also