Merge pull request #5594 from MicrosoftDocs/master637303658139836941

For protected CLA branch, push strategy should use PR and merge to target branch method to work around git push error

Author: ghogen

docs/code-quality/ca2350.md

@@ -0,0 +1,71 @@
+---
+title: "CA2350: Ensure DataTable.ReadXml()'s input is trusted"
+ms.date: 07/14/2020
+ms.topic: reference
+author: dotpaul
+ms.author: paulming
+manager: jillfra
+dev_langs:
+ - CSharp
+ms.workload:
+  - "multiple"
+f1_keywords:
+  - "CA2350"
+---
+# CA2350: Ensure DataTable.ReadXml()'s input is trusted
+
+|Item|Value|
+|-|-|
+|CheckId|CA2350|
+|Category|Microsoft.Security|
+|Breaking change|Non-breaking|
+
+## Cause
+
+The <xref:System.Data.DataTable.ReadXml%2A?displayProperty=nameWithType> method was called or referenced.
+
+## Rule description
+
+When deserializing a <xref:System.Data.DataTable> with untrusted input, an attacker can craft malicious input to perform a denial of service attack. There may be unknown remote code execution vulnerabilities.
+
+For more information, see [DataSet and DataTable security guidance](https://go.microsoft.com/fwlink/?linkid=2132227).
+
+## How to fix violations
+
+- If possible, use [Entity Framework](https://docs.microsoft.com/ef/) rather than the <xref:System.Data.DataTable>.
+- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
+
+## When to suppress warnings
+
+[!INCLUDE[insecure-deserializers-common-safe-to-suppress](includes/insecure-deserializers-common-safe-to-suppress-md.md)]
+
+## Pseudo-code examples
+
+### Violation
+
+```csharp
+using System.Data;
+
+public class ExampleClass
+{
+    public DataTable MyDeserialize(string untrustedXml)
+    {
+        DataTable dt = new DataTable();
+        dt.ReadXml(untrustedXml);
+    }
+}
+```
+
+## Related rules
+
+[CA2351: Ensure DataSet.ReadXml()'s input is trusted](ca2351.md)
+
+[CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks](ca2352.md)
+
+[CA2353: Unsafe DataSet or DataTable in serializable type](ca2353.md)
+
+[CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack](ca2354.md)
+
+[CA2355: Unsafe DataSet or DataTable in deserialized object graph](ca2355.md)
+
+[CA2356: Unsafe DataSet or DataTable in web deserialized object graph](ca2356.md)

docs/code-quality/ca2351.md

@@ -0,0 +1,71 @@
+---
+title: "CA2351: Ensure DataSet.ReadXml()'s input is trusted"
+ms.date: 07/14/2020
+ms.topic: reference
+author: dotpaul
+ms.author: paulming
+manager: jillfra
+dev_langs:
+ - CSharp
+ms.workload:
+  - "multiple"
+f1_keywords:
+  - "CA2351"
+---
+# CA2351: Ensure DataSet.ReadXml()'s input is trusted
+
+|Item|Value|
+|-|-|
+|CheckId|CA2351|
+|Category|Microsoft.Security|
+|Breaking change|Non-breaking|
+
+## Cause
+
+The <xref:System.Data.DataSet.ReadXml%2A?displayProperty=nameWithType> method was called or referenced.
+
+## Rule description
+
+When deserializing a <xref:System.Data.DataSet> with untrusted input, an attacker can craft malicious input to perform a denial of service attack. There may be unknown remote code execution vulnerabilities.
+
+For more information, see [DataSet and DataTable security guidance](https://go.microsoft.com/fwlink/?linkid=2132227).
+
+## How to fix violations
+
+- If possible, use [Entity Framework](https://docs.microsoft.com/ef/) rather than the <xref:System.Data.DataSet>.
+- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
+
+## When to suppress warnings
+
+[!INCLUDE[insecure-deserializers-common-safe-to-suppress](includes/insecure-deserializers-common-safe-to-suppress-md.md)]
+
+## Pseudo-code examples
+
+### Violation
+
+```csharp
+using System.Data;
+
+public class ExampleClass
+{
+    public DataSet MyDeserialize(string untrustedXml)
+    {
+        DataSet dt = new DataSet();
+        dt.ReadXml(untrustedXml);
+    }
+}
+```
+
+## Related rules
+
+[CA2350: Ensure DataTable.ReadXml()'s input is trusted](ca2350.md)
+
+[CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks](ca2352.md)
+
+[CA2353: Unsafe DataSet or DataTable in serializable type](ca2353.md)
+
+[CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack](ca2354.md)
+
+[CA2355: Unsafe DataSet or DataTable in deserialized object graph](ca2355.md)
+
+[CA2356: Unsafe DataSet or DataTable in web deserialized object graph](ca2356.md)

docs/code-quality/ca2352.md

@@ -0,0 +1,69 @@
+---
+title: "CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks"
+ms.date: 07/14/2020
+ms.topic: reference
+author: dotpaul
+ms.author: paulming
+manager: jillfra
+dev_langs:
+ - CSharp
+ms.workload:
+  - "multiple"
+f1_keywords:
+  - "CA2352"
+---
+# CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks
+
+|Item|Value|
+|-|-|
+|CheckId|CA2352|
+|Category|Microsoft.Security|
+|Breaking change|Non-breaking|
+
+## Cause
+
+A class or struct marked with <xref:System.SerializableAttribute> contains a <xref:System.Data.DataSet> or <xref:System.Data.DataTable> field or property, and doesn't have a <xref:System.CodeDom.Compiler.GeneratedCodeAttribute>.
+
+## Rule description
+
+When deserializing untrusted input with <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter> and the deserialized object graph contains a <xref:System.Data.DataSet> or <xref:System.Data.DataTable>, an attacker can craft a malicious payload to perform a remote code execution attack.
+
+For more information, see [DataSet and DataTable security guidance](https://go.microsoft.com/fwlink/?linkid=2132227).
+
+## How to fix violations
+
+- If possible, use [Entity Framework](https://docs.microsoft.com/ef/) rather than <xref:System.Data.DataSet> and <xref:System.Data.DataTable>.
+- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
+
+## When to suppress warnings
+
+[!INCLUDE[insecure-deserializers-common-safe-to-suppress](includes/insecure-deserializers-common-safe-to-suppress-md.md)]
+
+## Pseudo-code examples
+
+### Violation
+
+```csharp
+using System.Data;
+using System.Runtime.Serialization;
+
+[Serializable]
+public class MyClass
+{
+    public DataSet MyDataSet { get; set; }
+}
+```
+
+## Related rules
+
+[CA2350: Ensure DataTable.ReadXml()'s input is trusted](ca2350.md)
+
+[CA2351: Ensure DataSet.ReadXml()'s input is trusted](ca2351.md)
+
+[CA2353: Unsafe DataSet or DataTable in serializable type](ca2353.md)
+
+[CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack](ca2354.md)
+
+[CA2355: Unsafe DataSet or DataTable in deserialized object graph](ca2355.md)
+
+[CA2356: Unsafe DataSet or DataTable in web deserialized object graph](ca2356.md)

docs/code-quality/ca2353.md

@@ -0,0 +1,91 @@
+---
+title: "CA2353: Unsafe DataSet or DataTable in serializable type"
+ms.date: 07/14/2020
+ms.topic: reference
+author: dotpaul
+ms.author: paulming
+manager: jillfra
+dev_langs:
+ - CSharp
+ms.workload:
+  - "multiple"
+f1_keywords:
+  - "CA2353"
+---
+# CA2353: Unsafe DataSet or DataTable in serializable type
+
+|Item|Value|
+|-|-|
+|CheckId|CA2353|
+|Category|Microsoft.Security|
+|Breaking change|Non-breaking|
+
+## Cause
+
+A class or struct marked with an XML serialization attribute or a data contract attribute contains a <xref:System.Data.DataSet> or <xref:System.Data.DataTable> field or property.
+
+XML serialization attributes include:
+
+- <xref:System.Xml.Serialization.XmlAnyAttributeAttribute>
+- <xref:System.Xml.Serialization.XmlAnyElementAttribute>
+- <xref:System.Xml.Serialization.XmlArrayAttribute>
+- <xref:System.Xml.Serialization.XmlArrayItemAttribute>
+- <xref:System.Xml.Serialization.XmlChoiceIdentifierAttribute>
+- <xref:System.Xml.Serialization.XmlElementAttribute>
+- <xref:System.Xml.Serialization.XmlEnumAttribute>
+- <xref:System.Xml.Serialization.XmlIgnoreAttribute>
+- <xref:System.Xml.Serialization.XmlIncludeAttribute>
+- <xref:System.Xml.Serialization.XmlRootAttribute>
+- <xref:System.Xml.Serialization.XmlTextAttribute>
+- <xref:System.Xml.Serialization.XmlTypeAttribute>
+
+Data contract serialization attributes include:
+
+- <xref:System.Runtime.Serialization.DataContractAttribute>
+- <xref:System.Runtime.Serialization.DataMemberAttribute>
+- <xref:System.Runtime.Serialization.IgnoreDataMemberAttribute>
+- <xref:System.Runtime.Serialization.KnownTypeAttribute>
+
+## Rule description
+
+When deserializing untrusted input and the deserialized object graph contains a <xref:System.Data.DataSet> or <xref:System.Data.DataTable>, an attacker can craft a malicious payload to perform a remote code execution attack. There may be unknown remote code execution vulnerabilities.
+
+For more information, see [DataSet and DataTable security guidance](https://go.microsoft.com/fwlink/?linkid=2132227).
+
+## How to fix violations
+
+- If possible, use [Entity Framework](https://docs.microsoft.com/ef/) rather than <xref:System.Data.DataSet> and <xref:System.Data.DataTable>.
+- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
+
+## When to suppress warnings
+
+[!INCLUDE[insecure-deserializers-common-safe-to-suppress](includes/insecure-deserializers-common-safe-to-suppress-md.md)]
+
+## Pseudo-code examples
+
+### Violation
+
+```csharp
+using System.Data;
+using System.Runtime.Serialization;
+
+[XmlRoot]
+public class MyClass
+{
+    public DataSet MyDataSet { get; set; }
+}
+```
+
+## Related rules
+
+[CA2350: Ensure DataTable.ReadXml()'s input is trusted](ca2350.md)
+
+[CA2351: Ensure DataSet.ReadXml()'s input is trusted](ca2351.md)
+
+[CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks](ca2352.md)
+
+[CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack](ca2354.md)
+
+[CA2355: Unsafe DataSet or DataTable in deserialized object graph](ca2355.md)
+
+[CA2356: Unsafe DataSet or DataTable in web deserialized object graph](ca2356.md)

docs/code-quality/ca2354.md

@@ -0,0 +1,87 @@
+---
+title: "CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack"
+ms.date: 07/14/2020
+ms.topic: reference
+author: dotpaul
+ms.author: paulming
+manager: jillfra
+dev_langs:
+ - CSharp
+ms.workload:
+  - "multiple"
+f1_keywords:
+  - "CA2354"
+---
+# CA2354: Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attack
+
+|Item|Value|
+|-|-|
+|CheckId|CA2354|
+|Category|Microsoft.Security|
+|Breaking change|Non-breaking|
+
+## Cause
+
+Deserializing with an <xref:System.Runtime.Serialization.IFormatter?displayProperty=nameWithType> serialized, and the casted type's object graph can include a <xref:System.Data.DataSet> or <xref:System.Data.DataTable>.
+
+This rule uses a different approach to a similar rule, [CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks](ca2352.md).
+
+## Rule description
+
+When deserializing untrusted input with <xref:System.Runtime.Serialization.Formatters.Binary.BinaryFormatter> and the deserialized object graph contains a <xref:System.Data.DataSet> or <xref:System.Data.DataTable>, an attacker can craft a malicious payload to perform a remote code execution attack.
+
+For more information, see [DataSet and DataTable security guidance](https://go.microsoft.com/fwlink/?linkid=2132227).
+
+## How to fix violations
+
+- If possible, use [Entity Framework](https://docs.microsoft.com/ef/) rather than <xref:System.Data.DataSet> and <xref:System.Data.DataTable>.
+- Make the serialized data tamper-proof. After serialization, cryptographically sign the serialized data. Before deserialization, validate the cryptographic signature. Protect the cryptographic key from being disclosed and design for key rotations.
+
+## When to suppress warnings
+
+[!INCLUDE[insecure-deserializers-common-safe-to-suppress](includes/insecure-deserializers-common-safe-to-suppress-md.md)]
+
+## Pseudo-code examples
+
+### Violation
+
+```csharp
+using System.Data;
+using System.IO;
+using System.Runtime.Serialization;
+
+[Serializable]
+public class MyClass
+{
+    public MyOtherClass OtherClass { get; set; }
+}
+
+[Serializable]
+public class MyOtherClass
+{
+    private DataSet myDataSet;
+}
+
+public class ExampleClass
+{
+    public MyClass Deserialize(Stream stream)
+    {
+        BinaryFormatter bf = new BinaryFormatter();
+        return (MyClass) bf.Deserialize(stream);
+    }
+}
+```
+
+## Related rules
+
+[CA2350: Ensure DataTable.ReadXml()'s input is trusted](ca2350.md)
+
+[CA2351: Ensure DataSet.ReadXml()'s input is trusted](ca2351.md)
+
+[CA2352: Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks](ca2352.md)
+
+[CA2353: Unsafe DataSet or DataTable in serializable type](ca2353.md)
+
+[CA2355: Unsafe DataSet or DataTable in deserialized object graph](ca2355.md)
+
+[CA2356: Unsafe DataSet or DataTable in web deserialized object graph](ca2356.md)