Bug #104913 Cannot execute stored procedure with backtick in name
Submitted: 11 Sep 2021 4:00 Modified: 1 Jun 2022 15:19
Reporter: Bradley Grainger (OCA) Email Updates:
Status: Closed Impact on me:
Category:Connector / NET Severity:S2 (Serious)
Version:8.0.26 OS:Windows (10)
Assigned to: CPU Architecture:Any

[11 Sep 2021 4:00] Bradley Grainger
It's not possible to set MySqlCommand.CommandText to the name of a stored procedure that contains a backtick, then execute that stored procedure.

Instead, you receive MySqlException: Procedure or function 'ab' cannot be found in database 'db'.

How to repeat:
Create the following stored procedure:

	SELECT 'test' AS Result;

Run this C#:
using var connection = new MySqlConnection("...");

using var command = connection.CreateCommand();
command.CommandType = CommandType.StoredProcedure;

// none of these work
command.CommandText = "`a``b`";
// command.CommandText = "a`b";
// command.CommandText = "a``b";

// throws MySqlException
using var reader = command.ExecuteReader();

Suggested fix:
MySqlCommand.CommandText should allow the escaped name of a stored procedure, potentially fully-qualified with the database name, e.g., "db.`a``b`".
[11 Sep 2021 10:20] MySQL Verification Team
Hello Bradley,

Thank you for the report and test case.
Verified as described.

[1 Jun 2022 15:19] Christine Cole
Posted by developer:
Fixed as of the upcoming MySQL Connector/NET 8.0.30 release, and here's the proposed changelog entry from the documentation team:

MySqlCommand.CommandText emitted an error if the stored procedure to
execute included one or more backtick characters (`) in the name.

Thank you for the bug report.