| title | description | ms.date | ms.topic | f1_keywords | helpviewer_keywords | author | ms.author | manager | ms.subservice | monikerRange | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CA2001: Avoid calling problematic methods |
A member calls a potentially dangerous or problematic method. |
11/04/2016 |
reference |
|
|
mikejo5000 |
mikejo |
mijacobs |
code-analysis |
vs-2019 |
| Item | Value |
|---|---|
| RuleId | CA2001 |
| Category | Microsoft.Reliability |
| Breaking change | Non-breaking |
A member calls a potentially dangerous or problematic method.
Avoid making unnecessary and potentially dangerous method calls. A violation of this rule occurs when a member calls one of the following methods:
| Method | Description |
|---|---|
| xref:System.GC.Collect%2A?displayProperty=fullName | Calling GC.Collect can significantly affect application performance and is rarely necessary. For more information, see Rico Mariani's Performance Tidbits blog entry on MSDN. |
| xref:System.Threading.Thread.Resume%2A?displayProperty=fullName xref:System.Threading.Thread.Suspend%2A?displayProperty=fullName |
Thread.Suspend and Thread.Resume have been deprecated because of their unpredictable behavior. Use other classes in the xref:System.Threading namespace, such as xref:System.Threading.Monitor, xref:System.Threading.Mutex, and xref:System.Threading.Semaphore, to synchronize threads or protect resources. |
| xref:System.Runtime.InteropServices.SafeHandle.DangerousGetHandle%2A?displayProperty=fullName | The DangerousGetHandle method poses a security risk because it can return a handle that's not valid. For more information about how to use the DangerousGetHandle method safely, see the xref:System.Runtime.InteropServices.SafeHandle.DangerousAddRef%2A and xref:System.Runtime.InteropServices.SafeHandle.DangerousRelease%2A methods. |
| xref:System.Reflection.Assembly.LoadFrom%2A?displayProperty=fullName xref:System.Reflection.Assembly.LoadFile%2A?displayProperty=fullName xref:System.Reflection.Assembly.LoadWithPartialName%2A?displayProperty=fullName |
These methods can load assemblies from unexpected locations. For example, see Suzanne Cook's .NET CLR Notes blog posts LoadFile vs. LoadFrom and Choosing a Binding Context for information about methods that load assemblies. |
| CoSetProxyBlanket CoInitializeSecurity |
By the time the user code starts executing in a managed process, it's too late to reliably call CoSetProxyBlanket. The common language runtime (CLR) takes initialization actions that might prevent the users P/Invoke from succeeding.If you do have to call CoSetProxyBlanket for a managed application, we recommend that you start the process by using a native code (C++) executable, call CoSetProxyBlanket in the native code, and then start your managed code application in process. (Be sure to specify a runtime version number.) |
To fix a violation of this rule, remove, or replace the call to the dangerous or problematic method.
Suppress messages from this rule only when no alternatives to the problematic method are available.