Klocwork C# Additional Checkers


Additional Klocwork C# (C-sharp) Checkers, developed by Emenda.

These checkers to add to the standard Klocwork out of the box rules, and have been found useful by other users.

The checkers are delivered as one single Klocwork checker package but rules can be turned on individually.

EMENDA.CS.IDISP.DESTRUCT
Provide a destructor (finalizer) when you implement IDisposable
EMENDA.CS.NOT.SERIALIZED
Ensure entire graph of object can be serialized
EMENDA.CS.EXCEPT.NO.LOG
Ensure all exceptions are either logged with a standard logger or rethrown
EMENDA.CS.NO.BOXING
Avoid boxing/unboxing when possible
EMENDA.CS.EMPTY.METHOD
Avoid empty methods
EMENDA.CS.SYS.WRITE.CALL
Avoid System.Console ‘Write()’ or ‘WriteLine()’ statements
EMENDA.CS.IDISP.DESTRUCT.BOOL
Implement Dispose(bool) as a virtual method if IDisposable is implemented
EMENDA.CS.SYS.GC.COLLECT
Do not explicitly call ‘System.GC.Collect()’ or ‘System.GC.Collect(int)’
EMENDA.CS.PARSE
Do not use Parse
EMENDA.CS.PROP.LOCK.BOTH
Lock both when either set or get is locked for a property
EMENDA.CS.DB.CLOSE.FINALLY
Close data base connections in ‘finally’ block
EMENDA.CS.INVOKE
Prefer asynchronous calls to synchronized calls
EMENDA.CS.STR.NULLOREMPTY
Use String.IsNullOrEmpty to check if a string is null or empty
EMENDA.CS.EMPTY.STMT
Avoid control statements with empty bodies
EMENDA.CS.SWITCH.NODEFAULT
Provide ‘default:’ for each ‘switch’ statement
EMENDA.CS.RETHROW.EXCEPT
Avoid clearing stack trace while rethrowing exceptions
EMENDA.CS.NEW.METHOD
Avoid use of new keyword for hiding methods
EMENDA.CS.PRIVATE.METHOD
Avoid unused private methods
EMENDA.CS.LA_UNUSED
Unused label
EMENDA.CS.LV_UNUSED.GEN
Unused local variable
EMENDA.CS.SQL.QUERY.REVIEW
Review SQL queries for security vulnerabilities
EMENDA.CS.SV.SRLZ.CTOR
Secure serialization constructors
EMENDA.CS.SV.TYPE.EXP
Secured types should not expose fields
EMENDA.CS.LNK.DMD.PERM
Type link demands require inheritance demands
EMENDA.CS.SV.CONST.TRANS
Security critical constants should be transparent
EMENDA.CS.SV.TYPE.EQVL
Security critical types may not participate in type equivalence
EMENDA.CS.LNK.DMD
Level 2 assemblies should not contain LinkDemands
EMENDA.CS.MEMBER.TNPCY
Members should not have conflicting transparency annotations
EMENDA.CS.TP.HPCE
Transparent methods may not use the HandleProcessCorruptingExceptions attribute
EMENDA.CS.TP.LNK.DMD
Transparent code should not be protected with LinkDemands
EMENDA.CS.TP.SEC.DMD
Transparent methods should not use security demands
EMENDA.CS.TP.LOAD.ASSMBLY
Transparent code should not load assemblies from byte arrays
EMENDA.CS.TP.SUCSA
Transparent methods should not be decorated with the SuppressUnmanagedCodeSecurityAttribute
EMENDA.CS.TYPE.CRITICAL.LVL
Types must be at least as critical as their base types and interfaces
EMENDA.CS.TP.SEC.ASSERT
Transparent methods may not use security asserts
EMENDA.CS.SV.HIDDEN.FORM
Avoid using hidden form fields to store content with potential security impact



Get in touch about our resources

Name (required)

Email (required)

Company

Department / Business Unit

Resource