Files
codeql/csharp/ql/src/Bad Practices/UseOfSystemOutputStream.qhelp
2021-07-15 19:34:13 +02:00

18 lines
750 B
XML

<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>Writing directly to system output streams is often used as an unstructured form of logging. A
proper logging mechanism is a better way to direct messages to the desired location and also
ensures that no critical information is leaked to the standard outputs. The rule points out any
call to the <code>Console.Write*(...)</code> methods and any access to <code>Console.Out</code> or
<code>Console.Error</code>.</p>
</overview>
<recommendation>
<p>Use proper logging with a dedicated API. Alternatively redirect standard output and error
streams by calling <code>Console.SetOut(...)</code> and <code>Console.SetError(...)</code>.</p>
</recommendation>
</qhelp>