Home > Articles > Programming > Windows Programming

FxCop: Policing Code Correctness

  • Print
  • + Share This
In today's programming world it's not enough that your application works—it must work reliably and in a secure manner. John Mueller discusses how Microsoft created FxCop to help developers meet the best-practices requirements for application building.
Like this article? We recommend

Like this article? We recommend

At one time, developers considered it a good day when they got their code to run on the first or second try. Users were happy, too, because a lot of code simply didn't work. Today, however, the computing environment has become a lot more complex. It's not enough that your application works—it must work reliably and in a secure manner. In addition, the application must be easy to update and use with other applications. In short, code today must meet a certain level of "correctness" in addition to working correctly. Microsoft created FxCop to help developers meet best-practices requirements for application building. FxCop makes it easy for developers to learn the correctness rules that modern application development requires. The resulting application is easier to understand and maintain—it runs more reliably and with fewer security errors.

Getting FxCop

When you download the latest version of FxCop, make sure that you get the product for the version of the .NET Framework you have, either 1.0 or 1.1. The package includes both command-line and GUI versions of FxCop that you can use in a variety of ways.

You'll also want to download the FxCop video, which explains the reasoning behind FxCop, covers the essential techniques involved, and tells where FxCop is heading. Generally, it appears that Microsoft plans to add new rules to future versions, as well as make the product easier to expand. The video doesn't actually show you how to use FxCop, though, which is why I wrote this article.

Using the FxCop GUI

The easiest way to use FxCop is to create your application and then use the GUI to analyze the result:

  1. Choose Start, Programs, Microsoft FxCop, FxCop to start the application.

  2. Click the New Project button to start a new project.

  3. Click Add Target for Analysis and select the application you want to check.

  4. At this point, you can click Analyze to see the result.

  5. Figure 1 shows the result of testing a very simple application. I didn't change any of the default settings or add any code that wasn't absolutely necessary to make the application work. The application includes a simple push button named Test. Clicking Test displays a message box saying that this is a test. As Figure 1 shows, however, even a simple application can break the rules.

  6. The right side of the display shows a breakdown of the application. Click a particular level to see the problems with that portion of the application. In this case, I've selected the application, so you're seeing all the problems that FxCop found.

  7. Figure 1Figure 1 Even simple applications that contain very little code can break the correctness rules..

  8. To read more about a particular problem, double-click it; FxCop displays a dialog box like the one shown in Figure 2. I selected the Rule Details tab in the figure because it shows the kind of information that FxCop provides. You're not expected to know how to fix the problem—FxCop provides guidance that really makes the process easy.

  9. Figure 2Figure 2 FxCop doesn't leave you wondering how to fix correctness errors.

  • + Share This
  • 🔖 Save To Your Account