Index: ChangeLog
===================================================================
--- ChangeLog (revision 447)
+++ ChangeLog (working copy)
@@ -5,6 +5,8 @@
but must be enabled through configuration files or the DSN. (Bug #12918)
Bugs fixed:
+ * Calls to SQLNativeSql could cause stack corruption due to an incorrect
+ pointer cast. (Bug #28758)
* The wrong function was used for freeing the artificial result sets that are created by some catalog functions. (Bug #22797)
* Accessing the results of catalog functions could cause a crash when the
Index: driver/execute.c
===================================================================
--- driver/execute.c (revision 447)
+++ driver/execute.c (working copy)
@@ -737,15 +737,19 @@
SQLINTEGER cbSqlStrMax,
SQLINTEGER *pcbSqlStr)
{
- ulong offset= 0;
+ SQLRETURN rc;
+ SQLLEN len= (pcbSqlStr ? *pcbSqlStr : 0);
+ ulong offset= 0;
- MYODBCDbgEnter;
+ MYODBCDbgEnter;
- MYODBCDbgReturnReturn( copy_lresult(SQL_HANDLE_DBC, hdbc,
- szSqlStr,cbSqlStrMax,
- (SQLLEN *)pcbSqlStr,
- (char*) szSqlStrIn, cbSqlStrIn,0L,0L,
- &offset,0));
+ rc= copy_lresult(SQL_HANDLE_DBC, hdbc, szSqlStr, cbSqlStrMax, &len,
+ (char *)szSqlStrIn, cbSqlStrIn, 0L, 0L, &offset, 0);
+
+ if (pcbSqlStr)
+ *pcbSqlStr= (SQLINTEGER)len;
+
+ MYODBCDbgReturnReturn(rc);
}
Index: test/my_basics.c
===================================================================
--- test/my_basics.c (revision 447)
+++ test/my_basics.c (working copy)
@@ -177,6 +177,9 @@
ok_con(hdbc, SQLNativeSql(hdbc, in, SQL_NTS, out, sizeof(out), &len));
is_num(len, (SQLINTEGER) sizeof(in) - 1);
+ ok_con(hdbc, SQLNativeSql(hdbc, in, SQL_NTS, out, sizeof(out), &len));
+ is_num(len, (SQLINTEGER) sizeof(in) - 1);
+
return OK;
}
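Review bot: `SQLLEN len= (pcbSqlStr ? *pcbSqlStr : 0);` reads the caller's length argument before copy_lresult() has written it, yet pcbSqlStr is an output-only parameter of SQLNativeSql, so the value picked up is whatever the caller left there — for the test's `len` that is presumably uninitialized memory unless it is set outside the visible lines. If copy_lresult() consults the incoming `*pcbValue` (its body is not visible here) the reported length then depends on that garbage; if it does not, the read is merely pointless, and `SQLLEN len= 0;` removes the question either way while keeping the correctly sized local that cures the wide write through the removed `(SQLLEN *)pcbSqlStr` cast on builds where SQLLEN is wider than SQLINTEGER (Bug #28758). The narrowing `*pcbSqlStr= (SQLINTEGER)len;` on the way back silently truncates values that do not fit in 32 bits, which is unreachable for a realistic statement but deserves a `/* ODBC declares SQLNativeSql's length output as SQLINTEGER; wider values cannot be reported */` so the cast is not mistaken for a leftover of the old bug. The signature of this function begins above the hunk.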
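Review bot: The two added lines repeat exactly the call already made above them, so the test still exercises only a non-NULL length pointer with a buffer large enough to hold the input; neither the `pcbSqlStr == NULL` path the driver now branches on nor a truncating `cbSqlStrMax`, where the reported length is what callers act on, is covered. The NULL case is a one-line addition: `ok_con(hdbc, SQLNativeSql(hdbc, in, SQL_NTS, out, sizeof(out), NULL));`. The hunk also does not say why the same call is issued twice; if the intent is that a second call would have tripped over the stack clobbered by the first, a comment such as `/* Call again: the first call used to overwrite the stack around len (Bug #28758) */` would keep the duplicate from being "cleaned up" later. The enclosing test function starts above the hunk.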