Linked server to Oracle - catastrophic bug - by Mark Marinovic

Status : 

  External<br /><br />
		This item may be valid but belongs to an external system out of the direct control of this product team.<br /><br />
		A more detailed explanation for the resolution of this particular item may have been provided in the comments section.


1
0
Sign in
to vote
ID 869691 Comments
Status Closed Workarounds
Type Bug Repros 0
Opened 5/8/2014 11:14:54 AM
Access Restriction Public

Description

Scenario:     Using the Oracle 11gR2 client driver to access Oracle over Linked Server.

Problem:     Typing a "--" comment indicator with a star "*" to select all columns in the passthrough query can crash SQL Server.  The Comment ("--") and "*" operator referenced mean the query being passed through between tickmarks that gets sent to the Oracle instance.

Platform of SQL Server:  Windows 2012R2, SQL 2012 SP1, SQL 2008R2 SP4, others, Virtualized on VMWare

Example:

SELECT A.ColumnName FROM OPENQUERY([LINKED_SRV_NAME],
						'SELECT
							--mytext
							A.*
						FROM OWNER.TABLE A
						WHERE ROWNUM < 10
						');

The above query crashes my SQL 2012 Developer Edition instance.  It has crashed other development instances as well.

There is a workaround posted here:  http://social.msdn.microsoft.com/Forums/sqlserver/en-US/93a65f6c-6eae-4109-9b60-1907c9ac3d97/openquery-over-oracle-linked-server-crashes-instance-with-c0000005-exceptionaccessviolation?forum=sqldatabaseengine

The workaround is essentially "write different code".  While that's a valid workaround that doesn't prevent developers or other parties with just minimal access to the SQL Server from crashing the whole instance by just messing around in Management Studio.

The article above references a bug number but I cannot verify if this is an Oracle bug or a bug in the Linked Server interpretation/parse/etc. libraries.  I am also submitting feedback to request that Linked Server access be a securable object so its use and even instantiation can be locked down.
Sign in to post a comment.
Posted by Microsoft on 5/14/2014 at 6:09 PM
Hi Marc,

Thanks for reporting this issue.
According to the description, the bug is in Orcale provider, which may crash SQL Server process if running inproc.
In the thread you are referring to, the bug numbers must correspond to Oracle issue tracking system - I verified and could not find such defects in the Microsoft SQL database.
Since the issue (and workaround suggested) is happening in external code, unfortunately, we won't be able to fix it in SQL Server code.

Thanks,
    Alexey, SQL Development