IDispose and best practice

Question

I utilized the Code Analysis tool, which provided the following warning.

Severity Code Description Project File Line Suppression State Warning CA2202 Object 'stream' can be disposed more than once in method 'Cipher.Encryptor(string)'. To avoid generating a System.ObjectDisposedException you should not call Dispose more than one time on an object.: Lines: 43 Service Layer ...\Cipher.cs 43 Active

It stems from the "tower of power":

    public static string Encryptor(string input)
    {
        var content = String.Empty;

        var cipher = new RijndaelManaged();
        var plain = Encoding.Unicode.GetBytes(input);
        var key = new PasswordDeriveBytes(password, salt);

        using (var encrypt = cipher.CreateEncryptor(key.GetBytes(32), key.GetBytes(16)))
        using (var stream = new MemoryStream())
        using (var cryptographic = new CryptoStream(stream, encrypt, CryptoStreamMode.Write))
        {
            cryptographic.Write(plain, 0, plain.Length);
            cryptographic.FlushFinalBlock();
            content = Convert.ToBase64String(stream.ToArray());
        }

        return content;
    }

In this instance I'm utilizing a MemoryStream, CryptoStream, and ICryptoTransform. Why does Visual Studio's Code Analysis flag this for a warning? This is from the built in Code Analysis in Visual Studio 2015.

=================

Here's a shorter repro:

using System.IO;
using System.Security.Cryptography;

namespace ClassLibrary1
{
   public class Class1
   {
      void foo()
       {
          using (var memStream = new MemoryStream())
          using (var xForm = new FromBase64Transform())
          using (var cStream = new CryptoStream(memStream, xForm, CryptoStreamMode.Read))
             ;
       }
   }
}

... and this can be seen in VS2013 Up5

That warning is bizarre. The MSDN documentation states clearly that Dispose is supposed to be idempotent. https://msdn.microsoft.com/en-us/library/fs2xkftw.aspx — Eric Lippert, Dec 22 '15 at 15:13
This is actually an incorrect warning. According to the [documentation](https://msdn.microsoft.com/en-us/library/system.idisposable.dispose(v=vs.110).aspx#Anchor_1): *If an object's Dispose method is called more than once, the object must ignore all calls after the first one. The object must not throw an exception if its Dispose method is called multiple times. Instance methods other than Dispose can throw an ObjectDisposedException when resources are already disposed.* — Michael Liu, Dec 22 '15 at 15:14
By guessing what is on the `...` I'd say `CryptoStream` takes the `MemoryStream` as constructor argument and is known for disposing it. So your outer using statement disposes it the second time. But I don't know the best practice here. — René Vogt, Dec 22 '15 at 15:16
@PatrickHofman A small sample, then if you run code analysis from Visual Studio it will throw that warning. — Greg, Dec 22 '15 at 15:18
@HansPassant That question ask specifically to suppress the error, however I want to know why and what causes this? Why it is even flagged as a warning. — Greg, Dec 22 '15 at 15:26
@Greg I didn't know exactly what triggered the warning either, but after reading the answers on the other one, I do now - the information is there. — James Thorpe, Dec 22 '15 at 15:27

IDispose and best practice

0 Answers0