SQL Server 2000 Error Handling

As far as I know, all of the error messages in SQL Server 2000 is handled in the SYSMESSAGES table in MASTER database, based on error field.

For example, to query the error message for code 5172 :

SELECT * FROM master.dbo.sysmessages WHERE (error = 5172)

To prove it, I can updates the certain rows and verify that it is indeed accessed from this table. But because this table is part of master database, I should set some flag to enable the update, using SQL Query Analyzer :

Sp_configure ‘allow updates’, 1
Reconfigure with override

The error handling routine in SQL Server 2000 is located at ex_raise routine, using some simple arithmetic to calculate the error codes and passes the error code to the routine to get the error description from the above table.

For the above example (error code 5172), the error handling is called using these steps :

:0082E307 8D834C010000 lea eax, dword[ebx+0000014C]
:0082E30D 6874CEA900 push 00A9CE74 {`string’}
(StringData)”PageAudit”
:0082E312 50 push eax
:0082E313 6A0F push 00F
:0082E315 6A10 push 010
:0082E317 6A48 push 048
:0082E319 6A33 push 033
:0082E31B E819E0C3FF call 0046C339 {int __cdecl ex_raise(int,int,int,int,…)} {int __cdecl ex_raise(int,int,int,int,…)}

The first parameter (0x33) is error prefix and second parameter (0x48) is error offset, and the rests of the parameter is the additional info to complete the format specifiers in the error message.

For error 5172, there are two strings to complete the format specifiers (i.e. two %ls format specifiers). The first format specifiers is the file name and the second parameter is the string constant (PageAudit).

The formula for finding the error codes is as follows :

error prefix * 100 + error offset

For example, the above error codes :

0x33 = 51, 0x48 = 72, apply it in the formula :

51 * 100 + 72 = 5172, QED 🙂

Now, using this formula, you can perform backward conversion to find which condition that yield the desired error. For example, error code 5173 :

5173 = 5100 + 73 = 0x33 * 0x64 + 0x49

After that, you can locate the exc_raise call using the above code for first and second parameter.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: