ansaurus

Question

Answer 1

+1 A:

The cryptostream is based on the memorystream.

What appears to be happening is that when the crypostream is disposed (at end of using) the memorystream is also disposed, then the memorystream is disposed again.

Shiraz Bhaiji 2010-09-30 14:52:15

what bug? statement in warning is correct.

Andrey 2010-09-30 14:54:58

VS2010 Premium, not a beta

testalino 2010-09-30 14:55:28

Answer 2

A:

Off-topic but I would suggest you to use a different formatting technique for grouping usings:

using (var memoryStream = new MemoryStream())
{
    using (var cryptograph = new DESCryptoServiceProvider())
    using (var encryptor = cryptograph.CreateEncryptor(key, iv))
    using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
    using (var streamWriter = new StreamWriter(cryptoStream))
    {
        streamWriter.Write(data);
    }

    return memoryStream.ToArray();
}

I also advocate using vars here to avoid repetitions of really long class names.

P.S. Thanks to @ShellShock for pointing out I can't omit braces for first using as it would make memoryStream in return statement out of the scope.

gaearon 2010-09-30 14:53:51

Won't memoryStream.ToArray() be out of scope?

ShellShock 2010-09-30 14:55:42

This is absolutely equivalent to the original piece of code. I just ommited curly braces, much like you can do so with `if`s (though I wouldn't advice this technique for anything other than `using`s).

gaearon 2010-09-30 14:58:08

In the original code, memoryStream.ToArray() was inside the scope of the first using; you've got it outside the scope.

ShellShock 2010-09-30 15:07:43

Thank you so much, I just realized you meant `return` statement. So true. I edited the answer to reflect this.

gaearon 2010-09-30 15:29:14

Answer 3

+1 A:

When a StreamWriter is disposed, it will automatically dispose the wrapped Stream (here: the CryptoStream). CryptoStream also automatically disposes the wrapped Stream (here: the MemoryStream).

So your MemoryStream is disposed both by the CryptoStream and the using statement. And your CryptoStream is disposed by the StreamWriter and the outer using statement.

After some experimentation, it seems to be impossible to get rid of warnings completely. Theorectically, the MemoryStream needs to be disposed, but then you theoretically couldn't access its ToArray method anymore. Practically, a MemoryStream does not need to be disposed, so I'd go with this solution and suppress the CA2000 warning.

var memoryStream = new MemoryStream();

using (var cryptograph = new DESCryptoServiceProvider())
using (var writer = new StreamWriter(new CryptoStream(memoryStream, ...)))
{
    writer.Write(data);
}

return memoryStream.ToArray();

dtb 2010-09-30 15:06:14

This code still generate warnings.

Matthieu 2010-09-30 15:22:45

@dtb Thanks for your attempts to solve this.

testalino 2010-10-01 10:29:44

Answer 4

+2 A:

Well, it is accurate, the Dispose() method on these streams will be called more than one. The StreamReader class will take 'ownership' of the cryptoStream so disposing streamWriter will also dispose cryptoStream. Similarly, the CryptoStream class takes over responsibility for the memoryStream.

These are not exactly real bugs, these .NET classes are resilient to multiple Dispose() calls. But if you want to get rid of the warning then you should drop the using statement for these objects. And pain yourself a bit when reasoning what will happen if the code throws an exception. Or shut-up the warning with an attribute. Or just ignore the warning since it is silly.

Hans Passant 2010-09-30 15:09:53

Having to have special knowledge about the internal behavior of classes (like a disposable taking ownership of another one) is too much to ask if one wants to design a reusable API. So I think that the `using` statements should stay. These warnings are really silly.

Jordão 2010-09-30 15:16:57

@Jordão - isn't that what to tool is for? To warn you about internal behavior you might not have known about?

Hans Passant 2010-09-30 15:27:46

Maybe you're right. But the problem is that internal behavior can _change_ in the future. You shouldn't have to rely on it to use the API. So to me, just suppress the warnings.

Jordão 2010-09-30 15:51:11

Nah, it is not internal behavior, it is documented behavior. And it is logical behavior. It will never change.

Hans Passant 2010-09-30 15:56:22

I agree. But, I still wouldn't drop the `using` statements. It just feels wrong to rely on another object to dispose of an object that I created. For this code, it's OK, but there're many implementations of `Stream` and `TextWriter` out there (not only on the BCL). The code to use them all should be consistent.

Jordão 2010-09-30 16:27:50

Answer 5

A:

Try something like this per Microsoft documentation about this warning :

public static byte[] Encrypt(string data, byte[] key, byte[] iv)
  {
     MemoryStream memoryStream = null;
     CryptoStream cryptoStream = null;

     try
     {
        memoryStream = new MemoryStream();
        using (DESCryptoServiceProvider cryptograph = new DESCryptoServiceProvider())
        {
           cryptoStream = new CryptoStream(memoryStream, cryptograph.CreateEncryptor(key, iv), CryptoStreamMode.Write);
           using (StreamWriter streamWriter = new StreamWriter(cryptoStream))
           {
              memoryStream = null;
              cryptoStream = null;
              streamWriter.Write(data);
              return // Have to recover the memoryStream from the StreamWriter ?
           }
        }
     }
     finally
     {
        if (cryptoStream != null)
        {
           cryptoStream.Dispose();
        }
        else
        {
           if (memoryStream != null)
              memoryStream.Dispose();
        }
     }
  }

Matthieu 2010-09-30 15:24:36

But doesn't this dispose cryptoStream and memoryStream twice as well, even if Code Analysis doesn't discover it?

dtb 2010-09-30 15:35:47

@Dtb - What logical path could dispose of them twice ? As CryptoStream automatically dispose of MemoryStream, we don't try to dispose of MemoryStream if CryptoStream has already been disposed. Same for both of them if StreamWriter has already been disposed.

Matthieu 2010-09-30 15:41:10

Sorry, I didn't notice `memoryStream = null; cryptoStream = null;`. But now `return memoryStream.ToArray();` throws a NullReferenceException, no?

dtb 2010-09-30 15:50:31

@Dtb - True :( I wonder if we could recover the data from streamWriter as the BaseStream is accessible, never tried that...

Matthieu 2010-09-30 16:25:26

Answer 6

A:

I used this kind of code that takes byte[] and return byte[] without using streams

public static byte[] Encrypt(byte[] data, byte[] key, byte[] iv)
{
  DES des = new DES();
  des.BlockSize = 128;
  des.Mode = CipherMode.CBC;
  des.Padding = PaddingMode.Zeros;
  des.IV = IV
  des.Key = key
  ICryptoTransform encryptor = des.CreateEncryptor();

  //and finaly operations on bytes[] insted of streams
  return encryptor.TransformFinalBlock(plaintextarray,0,plaintextarray.Length);
}

This way all you have to do is conversion from string to byte[] using encodings.

ralu 2010-09-30 15:28:42

Answer 7

A:

I would do this using #pragma warning disable.

The .NET Framework Guidelines recommend to implement IDisposable.Dispose in such a way that it can be called multiple times. From the MSDN description of IDisposable.Dispose:

The object must not throw an exception if its Dispose method is called multiple times

Therefore the warning seems to be almost meaningless:

To avoid generating a System.ObjectDisposedException you should not call Dispose more than one time on an object

I guess it could be argued that the warning may be helpful if you're using a badly-implemented IDisposable object that does not follow the standard implementation guidelines. But when using classes from the .NET Framework like you are doing, I'd say it's safe to suppress the warning using a #pragma. And IMHO this is preferable to going through hoops as suggested in the MSDN documentation for this warning.

Joe 2010-09-30 15:41:10

Answer 8

A:

You should suppress the warnings in this case. Code that deals with disposables should be consistent, and you shouldn't have to know that other classes take ownership of the disposables you created:

[SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times")]
public static byte[] Encrypt(string data, byte[] key, byte[] iv) {
  using (var memoryStream = new MemoryStream()) {
    using (var cryptograph = new DESCryptoServiceProvider())
    using (var cryptoStream = new CryptoStream(memoryStream, cryptograph.CreateEncryptor(key, iv), CryptoStreamMode.Write))
    using (var streamWriter = new StreamWriter(cryptoStream)) {
      streamWriter.Write(data);
    }
    return memoryStream.ToArray();
  }
}

Jordão 2010-10-01 13:07:11

Answer 9

+1 A:

This compiles without warning:

    public static byte[] Encrypt(string data, byte[] key, byte[] iv)
    {
        MemoryStream memoryStream = null;
        DESCryptoServiceProvider cryptograph = null;
        CryptoStream cryptoStream = null;
        StreamWriter streamWriter = null;
        try
        {
            memoryStream = new MemoryStream();
            cryptograph = new DESCryptoServiceProvider();
            cryptoStream = new CryptoStream(memoryStream, cryptograph.CreateEncryptor(key, iv), CryptoStreamMode.Write);
            var result = memoryStream;              
            memoryStream = null;
            streamWriter = new StreamWriter(cryptoStream);
            cryptoStream = null;
            streamWriter.Write(data);
            return result.ToArray();
        }
        finally
        {
            if (memoryStream != null)
                memoryStream.Dispose();
            if (cryptograph != null)
                cryptograph.Dispose();
            if (cryptoStream != null)
                cryptoStream.Dispose();
            if (streamWriter != null)
                streamWriter.Dispose();
        }
    }

Henrik 2010-10-12 10:05:42

ansaurus

tags:

views:

answers:

CA2202, how to solve this case

related questions