Symptoms
Consider the following scenario:
-
You enable the Common Criteria Compliance (CCC) option on your SQL Server 2017 instance.
-
You try to log in to the SQL Server instance by using a nonexistent SQL login.
-
Log in to the SQL Server instance with an admin account.
-
Run DBCC CHECKDB command against the master database.
In this scenario, you may receive an error message that resembles the following:
Msg 2570, Level 16, State 2, Line LineNumberPage (#:#), slot # in object ID #, index ID #, partition ID #, alloc unit ID # (type "In-row data"). Column "name" value is out of range for data type "nvarchar". Update column to a legal value.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Resolution
This issue is fixed in the following cumulative update for SQL Server:
About cumulative updates for SQL Server:
Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:
Workaround
To work around this issue, enable the Trace flag (TF) 2566 that disables the DATA_PURITY check when you run the DBCC CHECKDB command against the master database. However, this does not prevent the invalid rows from being inserted into the master database. It just disables the check during DBCC CHECKDB.
References
Learn about the terminology that Microsoft uses to describe software updates.
