Skip to content

Latest commit

 

History

History
48 lines (31 loc) · 2.98 KB

clrunmanagedcodecheck-add-suppressunmanagedcodesecurityattribute.md

File metadata and controls

48 lines (31 loc) · 2.98 KB
description title ms.date ms.topic f1_keywords helpviewer_keywords ms.assetid author ms.author
Learn more about: /CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)
/CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)
09/19/2022
reference
VC.Project.VCLinkerTool.CLRUnmanagedCodeCheck
/CLRUNMANAGEDCODECHECK
-CLRUNMANAGEDCODECHECK linker option
/CLRUNMANAGEDCODECHECK linker option
73abc426-dab0-45e2-be85-0f9a14206cc2
tylermsft
twhitney

/CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)

/CLRUNMANAGEDCODECHECK specifies that the linker doesn't apply xref:System.Security.SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls from managed code into native DLLs.

Syntax

/CLRUNMANAGEDCODECHECK
/CLRUNMANAGEDCODECHECK:NO

Remarks

By default, the linker applies the SuppressUnmanagedCodeSecurityAttribute attribute to linker-generated PInvoke calls. When /CLRUNMANAGEDCODECHECK is in effect, SuppressUnmanagedCodeSecurityAttribute is removed. To explicitly apply the SuppressUnmanagedCodeSecurityAttribute attribute to linker-generated PInvoke calls, you can use /CLRUNMANAGEDCODECHECK:NO.

The linker only adds the attribute to objects that are compiled using /clr or /clr:pure. However, the /clr:pure compiler option is deprecated in Visual Studio 2015 and unsupported in Visual Studio 2017 and later.

A PInvoke call is generated by the linker when the linker can't find a managed symbol to satisfy a reference from a managed caller but can find a native symbol to satisfy that reference. For more information about PInvoke, see Calling Native Functions from Managed Code.

If you use xref:System.Security.AllowPartiallyTrustedCallersAttribute in your code, you should explicitly set /CLRUNMANAGEDCODECHECK to remove the SuppressUnmanagedCodeSecurity attribute. It's a potential security vulnerability if an image contains both the SuppressUnmanagedCodeSecurity and AllowPartiallyTrustedCallers attributes.

For more information about the implications of using SuppressUnmanagedCodeSecurityAttribute, see Secure Coding Guidelines for Unmanaged Code.

To set this linker option in the Visual Studio development environment

  1. Open the Property Pages dialog box for the project. For more information, see Set compiler and build properties.

  2. Select the Configuration Properties > Linker > Advanced property page.

  3. Modify the CLR Unmanaged Code Check property.

To set this linker option programmatically

  1. See xref:Microsoft.VisualStudio.VCProjectEngine.VCLinkerTool.CLRUnmanagedCodeCheck%2A.

See also

MSVC linker reference
MSVC linker options