Unsafe DataSet or DataTable in autogenerated serializable type can be vulnerable to remote code execution attacks

When deserializing untrusted input with System.Runtime.Serialization.Formatters.Binary.BinaryFormatter and the deserialized object graph contains a System.Data.DataSet or System.Data.DataTable, an attacker can craft a malicious payload to perform a remote code execution attack.

This rule is like CA2352, but for autogenerated code for an in-memory representation of data within a GUI application. Usually, these autogenerated classes aren't deserialized from untrusted input. Your application's usage may vary.

This rule finds types which are insecure when deserialized. If your code doesn't deserialize the types found, then you don't have a deserialization vulnerability.

For more information, see DataSet and DataTable security guidance.

A class or struct marked with System.SerializableAttribute contains a System.Data.DataSet or System.Data.DataTable field or property, and does have a System.ComponentModel.DesignerCategoryAttribute.

CA2352 is a similar rule, for when there isn't a System.ComponentModel.DesignerCategoryAttribute.

• If possible, use Entity Framework rather than System.Data.DataSet and System.Data.DataTable.
• Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.

It's safe to suppress a warning from this rule if:

• The type found by this rule is never deserialized, either directly or indirectly.
• You know the input is trusted. Consider that your application's trust boundary and data flows may change over time.
• You've taken one of the precautions in How to fix violations.