
LinkDemand warning during code analysis. Error CA2122

I've just run code analysis on a project I'm working on and I've been alerted to this message.

Warning 17 CA2122 : Microsoft.Security : 'Quantizer.Quantize(Image)' calls into 'Bitmap.LockBits(Rectangle, ImageLockMode, PixelFormat)' which has a LinkDemand. By making this call, 'Bitmap.LockBits(Rectangle, ImageLockMode, PixelFormat)' is indirectly exposed to user code. Review the following call stack that might expose a way to circumvent security protection:
->'Quantizer.Quantize(Image)' ->'Quantizer.Quantize(Image)' ->'ImageFactory.SaveFileAndReset(string)' ->'ImageFactory.Save(string)'

    private void SaveFileAndReset(string path)
    {
        // Fix the colour palette of gif images.
        if (this.imageFormat == ImageFormat.Gif)
        {
            OctreeQuantizer quantizer = new OctreeQuantizer(255, 8);
            this.Image = quantizer.Quantize(this.Image);
        }

        /// etc....

The information I could find on MSDN was very brief and I couldn't extract anything particularly meaningful from it, and most answers I have found online simply suggest turning off the warning with a flag. Obviously this is something I do not want to do without being absolutely sure that I am safe to do so.

Could someone please explain what this actually means and how I would go about fixing any security issues I have that are triggering the warning?

It looks like you have probably encountered a false positive in the rule, which does not appear to properly account for default security transparency settings under .NET 4.0. To avoid the problem, you could simply make the default transparency explicit by adding the following two assembly-level attributes to the assembly that contains ImageFactory and OctreeQuantizer:

[assembly: SecurityCritical]
[assembly: SecurityRules(SecurityRuleSet.Level2)]

Since these match the CLR 4.0 defaults, adding the attributes will not affect the runtime behaviour of your code. However, the presence of the attributes will allow the CA2122 rule to recognize that the problem that it is intended to detect is not actually present in your code.

If you are interested in learning more about the transparency model and the security rule levels, see http://blogs.msdn.com/b/shawnfa/archive/2009/11/03/transparency-101-basic-transparency-rules.aspx , http://blogs.msdn.com/b/shawnfa/archive/2009/11/09/transparency-as-enforcement-in-clr-v4.aspx , and http://blogs.msdn.com/b/shawnfa/archive/2009/11/12/differences-between-the-security-rule-sets.aspx .

To avoid this FxCop error, make sure to mark the scope of the method that contains the Bitmap.LockBits(..) call, and all of its upstream callers, as private, and, in cases where it is called from another class, as internal instead of public.

In other words, make sure that a call from outside the assembly can never happen.
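Putting the two answers together in one assembly, as an added C# example that is not code from either answer or from the question: the assembly-level attributes from the first answer sit beside an internal quantizer and a private call chain as the second answer advises. The namespace, the parameterless OctreeQuantizer constructor and the bodies of Save and SaveFileAndReset are assumptions.

```csharp
using System.Drawing;
using System.Drawing.Imaging;
using System.Security;

// Assembly-level attributes from the first answer (normally in AssemblyInfo.cs).
// They restate the CLR 4.0 defaults, so runtime behaviour is unchanged, but
// CA2122 can now see the assembly runs fully critical under Level2 rules.
[assembly: SecurityCritical]
[assembly: SecurityRules(SecurityRuleSet.Level2)]

namespace ImageProcessing // hypothetical namespace
{
    // internal, as the second answer advises: the type that calls LockBits
    // cannot be invoked from outside the assembly.
    internal sealed class OctreeQuantizer
    {
        internal Bitmap Quantize(Image source)
        {
            var bitmap = new Bitmap(source);
            var rect = new Rectangle(0, 0, bitmap.Width, bitmap.Height);
            BitmapData data = null;
            try
            {
                // The LinkDemand-bearing call named in the CA2122 message.
                data = bitmap.LockBits(rect, ImageLockMode.ReadWrite, PixelFormat.Format32bppArgb);
                // Octree colour reduction over data.Scan0 would go here (omitted).
            }
            finally
            {
                if (data != null) bitmap.UnlockBits(data); // always release the lock
            }
            return bitmap;
        }
    }

    public sealed class ImageFactory
    {
        private readonly ImageFormat imageFormat = ImageFormat.Gif;
        public Image Image { get; set; }

        public void Save(string path) { SaveFileAndReset(path); }
        // Private, as in the question; the quantizer is never exposed directly.
        private void SaveFileAndReset(string path)
        {
            if (this.imageFormat == ImageFormat.Gif)
                this.Image = new OctreeQuantizer().Quantize(this.Image);
            this.Image.Save(path, this.imageFormat);
        }
    }
}
```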
