Bug #107699 | MySQL ODBC 8.0 Unicode Driver Fails to deal with .NET Unsigned Integers. | ||
---|---|---|---|
Submitted: | 29 Jun 2022 9:57 | Modified: | 13 Jul 2022 10:23 |
Reporter: | Robin Hickmott | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | Connector / ODBC | Severity: | S2 (Serious) |
Version: | 8.0.29 | OS: | Windows |
Assigned to: | CPU Architecture: | Any |
[29 Jun 2022 9:57]
Robin Hickmott
[5 Jul 2022 9:44]
MySQL Verification Team
Hello Robin, Thank you for the bug report. Verified as described. Regards, Ashwini Patil
[13 Jul 2022 10:23]
Bogdan Degtyariov
Posted by developer: It looks like after connecting to MySQL Server the .NET engine is not calling any ODBC driver functions up to the point where the exception is thrown. The exception and the error are happening because this usage of .AddWithValue() function forces .NET to guess the database type of the parameter. Sometimes it guesses right and sometimes (like in the present case) it guesses wrong. The recommended way is to indicate the value type explicitly as: mUpdate.Parameters.AddWithValue(":TEST", Convert.ToInt64(tValue)) or mUpdate.Parameters.Add(":Name", OdbcType.Int).Value = tValue ' for 32-bit integers mUpdate.Parameters.Add(":Name", OdbcType.BigInt).Value = tValue ' for 64-bit integers This not only improves the performance plus avoids the guessing error, but also it is more secure because not specifying the parameter type leaves the code vulnerable to SQL injections. It is not a regression because the older versions of ODBC driver behave in the same way. Again, after the connection is established the .NET engine does not make a single call to ODBC driver before throwing the exception. Marking this report as not a bug. If you have more evidence that this is actually a bug, we will be happy to investigate more.