Description:
if you try to call mysqlcommand.parameters.add() with a parameter with name = ""
mysql throws IndexOutOfRangeException while trying to proccess parameter name since it doesn't count for not maed parameters.
this happens in line:436 of parameter_collecion.cs
435: string inComingName = value.ParameterName;
436: >> if (inComingName[0] == '@' || inComingName[0] == '?')
437: inComingName = inComingName.Substring(1, inComingName.Length - 1);
How to repeat:
using a simple function:
DROP FUNCTION IF EXISTS simpletest;
DELIMITER $$
CREATE FUNCTION simpletest()
RETURNS DATETIME
BEGIN
RETURN NOW();
END$$
DELIMITER ;
the next code reproduces the crash:
Dim con As New MySqlConnection
Dim bld As New MySql.Data.MySqlClient.MySqlConnectionStringBuilder
bld.Server = "localhost"
bld.UserID = "root"
bld.Password = "12345678"
bld.Database = "sakila"
con.ConnectionString = bld.ConnectionString
con.Open()
Dim cmd As New MySqlCommand("simpletest", con)
cmd.CommandType = CommandType.StoredProcedure
Dim p1 As New MySqlParameter("", MySqlDbType.DateTime)
p1.Direction = ParameterDirection.ReturnValue
cmd.Parameters.Add(p1)
cmd.ExecuteNonQuery()
Dim res As Date = cmd.Parameters(0).Value
Console.Out.WriteLine(res)
Suggested fix:
a simple patch could add auto naming parameters as param1, param2, param3.. etc..
and retval for returnValue parameters, other vendors, for example oracle.data work fine if you only refer parameters by index (with no name).
or you could throw a exception especifying that you must name parameters used by mysqlcommand.