FIX: Sqltrace.dll May Cause Heap Corruption with Zero Length Binary RPC Parameter (219865)
The information in this article applies to:
This article was previously published under Q219865
BUG #: 54436 (SQLBUG_70)
SYMPTOMS
A remote procedure call (RPC) event captured by SQLProfiler with a binary or varbinary parameter that is zero length can result in heap corruption within Sqlservr.exe by Sqltrace.dll.
The problem is specific to a binary or varbinary RPC parameter, and it only occurs if the parameter value is zero length.
STATUS
Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 1 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 232570INF: How to Obtain Service Pack 1 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0
For more information, contact your primary support provider.
MORE INFORMATION
From an ODBC perspective, this occurs if the RPC parameter was specifically bound with zero length using SQLBindParameter or if only one digit was specified in a binary string constant (for example, 0x1 or a constant to represent a zero length binary value like 0x).
For example, if you execute {call mysp(0x)}, the ODBC SQL Server driver interprets this as a zero length binary value and sends across a value of 0 and length of 0.
If you were to run the above query with SQLProfiler enabled to trace RPC events, you would see a heap corruption error under a debugger.
| Modification Type: | Major | Last Reviewed: | 3/14/2006 |
|---|
| Keywords: | kbBug kbfix kbQFE KB219865 |
|---|
|