Hi There
I am inheriting from DateTimePicker class to create a DateTimePicker
control with a configurable back colour. I got the original code from
http://dotnet.mvps.org/ then converted it to C# and it works OK in .NET
2.0 except for two warnings from CodeAnalysis:
CA2123 : Microsoft.Security : The virtual method
DateTimePicker.WndProc(Message&):Void defined by type
'System.Windows.Forms.DateTimePicker' and its override
ExtendedDateTimePicker.WndProc(Message&):Void do not have the same
LinkDemand status. Add a LinkDemand where required.
CA2122 : Microsoft.Security :
ExtendedDateTimePicker.WndProc(Message&):Void calls into
DateTimePicker.WndProc(Message&):Void which has a LinkDemand. By making
this call, DateTimePicker.WndProc(Message&):Void is indirectly exposed
to user code. Review the following call stack that might expose a way
to circumvent security protection:
->System.Windows.Forms.DateTimePicker.WndProc(Syste m.Windows.Forms.Message@)
: Void
->PickupBooking.ExtendedDateTimePicker.WndProc
My knowledge of security is amatuer and I need to deploy this project
with no security warnings ... I would greatly appreciate if anyone
could show me how fix the warnings and/or point out some good .NET 2.0
resources for security novices.
Btw, my C# 2.0 code is below.
TIA
Bill
using System;
using System.Windows.Forms;
using System.ComponentModel;
using System.Drawing;
namespace PickupBooking
{
public class ExtendedDateTimePicker : DateTimePicker
{
private SolidBrush m_BackBrush;
[Browsable(true),
DesignerSerializationVisibility(DesignerSerializat ionVisibility.Visible)]
public override Color BackColor
{
get
{
return base.BackColor;
}
set
{
if (!(m_BackBrush == null))
{
m_BackBrush.Dispose();
}
base.BackColor = value;
m_BackBrush = new SolidBrush(this.BackColor);
this.Invalidate();
}
}
protected override void WndProc(ref Message m)
{
const Int32 WM_ERASEBKGND = 20;
if (m.Msg == WM_ERASEBKGND)
{
Graphics g = Graphics.FromHdc(m.WParam);
if (m_BackBrush == null)
{
m_BackBrush = new SolidBrush(this.BackColor);
}
g.FillRectangle(m_BackBrush, this.ClientRectangle);
g.Dispose();
}
else
{
base.WndProc(ref m);
}
}
protected override void Dispose(bool disposing)
{
if (disposing && !(m_BackBrush == null))
{
m_BackBrush.Dispose();
}
base.Dispose(disposing);
}
}
}