Answer: How do you create a byte with the value of 00000001 in SQL Server?

My teammate Pi asked me today: how do you create a byte with the value 00000001 in SQL Server? The answer is to create an integer representation of the byte’s value, and cast it to binary: SELECT CAST(CAST(1 AS TINYINT) AS BINARY(1)) The output in Management Studio is: 0x01 (Management Studio outputs binary fields […]

Hey Yo! SQLCMD may truncate your XML!

While trying to use SQLCMD to produce an app.config file, I encountered problems with the output being truncated. The script was similar to: DECLARE @appconfig XML SET @appconfig = '<configuration></configuration>' … Insert configuration nodes -- Output the config SELECT @appconfig as ApplicationConfiguration The default options for SQLCMD produced output like: ApplicationConfiguration ————————- <configuration><connecti (the value […]

SQL Truncation Attacks

SQL injection attacks are nothing new, and hopefully everyone is protecting themselves from them. An interesting by-product of the standard method of protection from the basic SQL injection attack (replace single quotes with two single quotes) is that it increases the size of the original value. When building a command in a variable, it's possible to truncate […]