Microsoft KB Archive/217187

= FIX: Failure In InternalCreateSchemaRowset Causes Access Violation =

Article ID: 217187

Article Last Modified on 8/28/2003

-

APPLIES TO

 Microsoft OLE DB 2.7, when used with:  Microsoft Visual C++ 6.0 Enterprise Edition

 Microsoft Visual C++ 6.0 Professional Edition

 Microsoft Visual C++ 6.0 Standard Edition 

-

<div class="notice_section">

This article was previously published under Q217187

<div class="symptoms_section">

SYMPTOMS
Access violation can occur when using OLE DB Provider Template macro with SCHEMA_ENTRY.

<div class="cause_section">

CAUSE
Following is the code in ATLDB.H for CreateSchemaRowset. CreateSchemaRowset is called by the SCHEMA_ENTRY macro.

The rowset class is created and then a pointer to it is sent to InternalCreateSchemaRowset.

NOTE: A failed hr will cause the object to be deleted. HRESULT CreateSchemaRowset(IUnknown *pUnkOuter, ULONG cRestrictions,              const VARIANT rgRestrictions[], REFIID riid,               ULONG cPropertySets, DBPROPSET rgPropertySets[],               IUnknown** ppRowset, SchemaRowsetClass*& pSchemaRowset) { HRESULT hrProps, hr = S_OK; SessionClass* pT = (SessionClass*) this; CComPolyObject<SchemaRowsetClass>* pPolyObj; if (FAILED(hr = ComPolyObject<SchemaRowsetClass>::CreateInstance(pUnkOuter, &pPolyObj))) return hr; pSchemaRowset = &(pPolyObj->m_contained); hr = InternalCreateSchemaRowset(pUnkOuter, cRestrictions, rgRestrictions, riid, cPropertySets, rgPropertySets, ppRowset,pPolyObj, pT, pT->GetUnknown);

// Ref the created COM object and Auto release it on failure if (FAILED(hr)) { //Here is the problem delete delete pPolyObj; // must hand delete as it is not ref'd   return hr; } }

Following is the code for InternalCreateSchemaRowset. If a failure occurs when trying to set a property, the function returns with an error but not before the spUnk smart pointer calls release and frees the object. When execution returns from this function, the CreateSchemaRowset function attempts to delete the object (which has already been deleted) and the access violation occurs. OUT_OF_LINE HRESULT InternalCreateSchemaRowset(IUnknown *pUnkOuter, ULONG cRestrictions, const VARIANT rgRestrictions[], REFIID riid,                         ULONG cPropertySets, DBPROPSET rgPropertySets[], IUnknown** ppRowset, IUnknown* pUnkThis, CUtlPropsBase* pProps, IUnknown* pUnkSession) { HRESULT hr, hrProps = S_OK; if (ppRowset != NULL) *ppRowset = NULL; if ((pUnkOuter != NULL) && !InlineIsEqualUnknown(riid)) return DB_E_NOAGGREGATION;

//Smart pointer, spUnk will automatically call Release when it goes out of scope CComPtr<IUnknown> spUnk; hr = pUnkThis->QueryInterface(IID_IUnknown, (void**)&spUnk); if (FAILED(hr)) return hr; hr = pProps->FInit; if (FAILED(hr)) return hr; hr = pProps->SetPropertiesArgChk(cPropertySets, rgPropertySets); if (FAILED(hr)) return hr; const GUID* ppGuid[1]; ppGuid[0] = &DBPROPSET_ROWSET;

// Call SetProperties. The true in the last parameter indicates // the special behavior that takes place on rowset creation (i.e. // it succeeds as long as any of the properties were not marked  // as DBPROPS_REQUIRED.

hrProps = pProps->SetProperties(0, cPropertySets,rgPropertySets,1,ppGuid, true); if (FAILED(hrProps)) return hrProps; }

<div class="status_section">

STATUS
Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

This bug was corrected in Visual Studio 6.0 Service Pack 3. For more information about Visual Studio service packs, please see the following articles in the Microsoft Knowledge Base:

194022 INFO: Visual Studio 6.0 Service Packs, What, Where, Why

194295 HOWTO: Tell That Visual Studio 6.0 Service Packs Are Installed

Keywords: kbbug kbfix kbprovider kbdatabase kbdtl kbmdacnosweep kbvs600sp3fix KB217187

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.