CS.SV.TYPE_EQVL
Security critical types may not participate in type equivalence.
This rule fires on any critical types or types that contain critical methods or fields that are participating in type equivalence. When the CLR detects such a type, it fails to load it with a TypeLoadException at run time. Typically, this rule fires only when users implement type equivalence manually rather than by relying on tlbimp and the compilers to do the type equivalence.
Mitigation and prevention
To fix a violation of this rule, remove the SecurityCritical attribute.
Vulnerable code example
2 using System; 3 using System.Security; 4 using System.Runtime.InteropServices; 5 6 [assembly: SecurityRules(SecurityRuleSet.Level2)] 7 [assembly: AllowPartiallyTrustedCallers] 8 9 namespace TransparencyWarningsDemo 10 { 11 12 // CA2131 error - critical type participating in equivilance 13 [SecurityCritical] 14 [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ICriticalEquivilentInterface")] 15 public interface ICriticalEquivilentInterface 16 { 17 void Method1(); 18 } 19 20 [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ITransparentEquivilentInterface")] 21 public interface ITransparentEquivilentInterface 22 { 23 // CA2131 error - critical method in a type participating in equivilance 24 [SecurityCritical] 25 void CriticalMethod(); 26 } 27 28 [SecurityCritical] 29 [TypeIdentifier("3a5b6203-2bf1-4f83-b5b4-1bdc334ad3ea", "ICriticalEquivilentInterface")] 30 public struct EquivilentStruct 31 { 32 // CA2131 error - critical field in a type participating in equivalence 33 [SecurityCritical] 34 public int CriticalField; 35 } 36 }
The examples demonstrate an interface, a method, and a field that will cause this rule to fire.