• Home
• org.sonarsource.dotnet
• sonar-csharp-plugin
• 9.29.0.95321
• source code
• S4000.html

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.plugins.csharp.S4000.html Maven / Gradle / Ivy

Why is this an issue?
Pointer and unmanaged function pointer types such as IntPtr, UIntPtr, int* etc. are used to access unmanaged
memory, usually in order to use C or C++ libraries. If such a pointer is not secured by making it private, internal or
readonly, it can lead to a vulnerability allowing access to arbitrary locations.
Noncompliant code example
using System;

namespace MyLibrary
{
  public class MyClass
  {
    public IntPtr myPointer;  // Noncompliant
    protected UIntPtr myOtherPointer; // Noncompliant
  }
}

Compliant solution
using System;

namespace MyLibrary
{
  public class MyClass
  {
    private IntPtr myPointer;
    protected readonly UIntPtr myOtherPointer;
  }
}