1. 首頁
  2. 問答
  3. .NET代碼分析警告

.NET代碼分析警告

2016-07-02 150 views
-1

有什麼不對下面code..The給出的代碼是不是投訴CA2000:失去範圍(https://msdn.microsoft.com/library/ms182289.aspx)之前釋放對象。這個代碼生成以下警告.NET代碼分析警告

警告CA2000在方法CryptoComputer.Encrypt(字符串,字符串,字符串,字符串)',對象'new RijndaelManaged()'不沿着所有的異常路徑。調用System.IDisposable.Dispose對象'new RijndaelManaged()'之前,所有對它的引用超出範圍。

public static string Encrypt(string plainText, string passPhrase, string saltValue, string initVector) 
      { 
       var initVectorBytes = Encoding.UTF8.GetBytes(initVector); 
       var saltValueBytes = Encoding.UTF8.GetBytes(saltValue); 
       var plainTextBytes = Encoding.UTF8.GetBytes(plainText); 
       string cipherText; 
       PasswordDeriveBytes password = null; 
       RijndaelManaged symmetricKey = null; 
       MemoryStream memoryStream = null; 
       try 
       { 
        memoryStream = new MemoryStream(); 

        password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations); 
        byte[] keyBytes = password.GetBytes(keySize/8); 

        symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC }; 
        var encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes); 

        var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write); 

        cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length); 

        cryptoStream.FlushFinalBlock(); 

        var cipherTextBytes = memoryStream.ToArray(); 


        cipherText = Convert.ToBase64String(cipherTextBytes); 

       } 
       catch (Exception) 
       { 

        throw; 
       } 
       finally 
       { 
        password?.Dispose(); 
        symmetricKey?.Dispose(); 
        memoryStream?.Dispose(); 

       } 

       return cipherText; 
      }

我怎麼可以重寫這段代碼,以滿足微軟的準則

來源

2016-07-02 Binson Eldhose

+0

使用 「使用(......)」 爲密碼,symmetricKey,MemoryStream的。 –

+1

或者是因爲Microsoft的分析規則不能識別「password?.Dispose()」的語法?如果將其重寫爲'if(obj!= null)obj.Dispose();'? – kennyzx

+0

Kennyzx可能是正確的...您必須以舊方式編寫代碼或者抑制虛假警告 –

回答

0

使用Using { ... }塊像它下面的總結,這將確保一次性實例得到處理的,一旦超出範圍。確保將所有一次性物品包裝在using {}區塊中,而不僅僅是下面所示的物品。

using (symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC }) 
{ 
    //rest code goes here 
}

來源

2016-07-02 07:13:12 Rahul

+0

沒有它沒有打擾 –

+0

@BinsonEldhose,向你展示了路徑。就像我剛纔提到的那樣,你需要將所有可用的對象封裝在一個'using {}'塊中,而不僅僅是在回答中提到的那個。 – Rahul

1

每一次性對象 「使用(...)」:

... 
var initVectorBytes = Encoding.UTF8.GetBytes(initVector); 
var saltValueBytes = Encoding.UTF8.GetBytes(saltValue); 
var plainTextBytes = Encoding.UTF8.GetBytes(plainText); 
string cipherText; 
using (var memoryStream = new MemoryStream()) 
{ 
    using (var password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations)) 
    { 
    var keyBytes = password.GetBytes(keySize/8); 
    using (var symmetricKey = new RijndaelManaged {Mode = CipherMode.CBC}) 
    { 
     var encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes); 
     var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write); 
     cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length); 
     cryptoStream.FlushFinalBlock(); 
     var cipherTextBytes = memoryStream.ToArray(); 
     cipherText = Convert.ToBase64String(cipherTextBytes); 
    } 
    } 
} 
return cipherText; 
...

using Statement (C# Reference)

來源

2016-07-02 07:23:03

相關問題

 相關問題