SQL Injection: SQL注入
FxCop :静态代码分析,用软件来检测你的代码
代码检测扩展功能(自己可以写方法,来检测自己的代码有哪些漏洞)
#region Using directives
using System;
using System.Globalization;
using Microsoft.Cci;
using Microsoft.FxCop.Sdk;
using Microsoft.FxCop.Sdk.Introspection;
#endregion
namespace FxCop.Rules
{
/// <summary>
/// Flags methods and constructors that make too many calls.
/// </summary>
/// <remarks>
/// <para>
/// A member is classed as complicated when more than 75 of its instructions are
/// reported as method calls by <c>RuleHelper.IsMethodCall</c>.
/// </para>
/// <para>
/// The count is a maintainability signal only: nothing in this rule inspects what is
/// called or which data reaches the call, so a clean result says nothing about
/// injection or other security defects.
/// </para>
/// </remarks>
public class AvoidComplicatedMethods : BaseRule
{
    // The limit is exclusive: a member with exactly this many calls is still accepted.
    private const int MaximumMethodCalls = 75;

    /// <summary>
    /// Creates the rule, passing the rule name "AvoidComplicatedMethods" to the base constructor.
    /// </summary>
    public AvoidComplicatedMethods()
        : base("AvoidComplicatedMethods")
    {
    }

    /// <summary>
    /// This member overrides <see cref="BaseIntrospectionRule.Check(Member)"/>.
    /// </summary>
    /// <param name="m">
    /// The <see cref="Member"/> to check.
    /// </param>
    /// <returns>
    /// <c>null</c> when <paramref name="m"/> is not a <see cref="Method"/>, has no instructions,
    /// or is named "InitializeComponent"; otherwise the <see cref="ProblemCollection"/> holding
    /// the problems associated with <paramref name="m"/>.
    /// </returns>
    public override ProblemCollection Check(Member m)
    {
        Method candidate = m as Method;

        // Skipped outright: non-method members, members without instructions, and
        // InitializeComponent (presumably the designer-generated method; confirm).
        if (candidate == null
            || candidate.Instructions == null
            || candidate.Name.Name == "InitializeComponent")
        {
            return null;
        }

        int calls = 0;
        for (int index = 0; index < candidate.Instructions.Length; index++)
        {
            calls += RuleHelper.IsMethodCall(candidate.Instructions[index]) ? 1 : 0;
        }

        // Strictly greater than: the limit itself is tolerated.
        if (calls > MaximumMethodCalls)
        {
            AddProblem(candidate, calls);
        }

        return Problems;
    }

    /// <summary>
    /// Records one problem for <paramref name="m"/>, filling the resolution text with the
    /// formatted member, the observed call count and the configured limit.
    /// </summary>
    /// <param name="m">The offending method.</param>
    /// <param name="callCount">Number of method-call instructions counted in <paramref name="m"/>.</param>
    private void AddProblem(Method m, int callCount)
    {
        // Numbers are rendered with the current culture because the text is shown to the user.
        CultureInfo culture = CultureInfo.CurrentCulture;
        string observed = callCount.ToString(culture);
        string limit = MaximumMethodCalls.ToString(culture);

        Problems.Add(new Problem(GetResolution(RuleUtilities.Format(m), observed, limit)));
    }
}
}
MSDN中文版的FxCop静态代码分析
<?xml version="1.0" encoding="utf-8" ?>
<!--
  Rule metadata for the AvoidComplicatedMethods rule class.
  TypeName repeats the class name, which is also the string that class passes to its
  base constructor.
  Resolution placeholders, in the order AddProblem passes them to GetResolution:
    {0} the formatted member, {1} the counted method calls, {2} the limit (75).
  NOTE(review): the rule reports only when the count exceeds {2}, so a member with
  exactly {2} calls passes; "no more than {2}" would match the check more closely
  than "fewer than {2}".
  NOTE(review): Url is a plain http link; verify it still resolves before shipping
  the rule.
-->
<Rules FriendlyName="Custom Rules">
<Rule TypeName="AvoidComplicatedMethods" Category="Custom" CheckId="CUS1000">
<Name>Avoid complicated methods</Name>
<Description>Methods that have many methods calls or property accessors are hard to maintain and therefore should be kept to a minimum.</Description>
<Owner>Not Available</Owner>
<Url>http://www.gotdotnet.com/team/fxcop/</Url>
<Resolution>'{0}' has {1} method calls. Refactor '{0}' so that it calls fewer than {2} methods.</Resolution>
<Email>Not Available</Email>
<MessageLevel Certainty="95">Warning</MessageLevel>
<FixCategories>NonBreaking</FixCategories>
</Rule>
</Rules>