Execution Characteristics of Extended Stored Procedures
This feature will be removed in a future version of Microsoft SQL Server. Do not use this feature in new development work, and modify applications that currently use this feature as soon as possible. Use CLR Integration instead.
The execution of an extended stored procedure has these characteristics:
The extended stored procedure function is executed under the security context of Microsoft SQL Server.
The extended stored procedure function runs in the process space of SQL Server.
The thread associated with the execution of the extended stored procedure is the same one used for the client connection.
Before adding extended stored procedures to the server and granting execute permissions to other users, the system administrator should thoroughly review each extended stored procedure to make sure that it does not contain harmful or malicious code.
After the extended stored procedure DLL is loaded, the DLL remains loaded in the address space of the server until SQL Server is stopped or the administrator explicitly unloads the DLL by using DBCC DLL_name (FREE).
The extended stored procedure can be executed from Transact-SQL as a stored procedure by using the EXECUTE statement:
EXECUTE @retval = xp_extendedProcName @param1, @param2 OUTPUT
Is a return value.
Is an input parameter.
Is an input/output parameter.
Extended stored procedures offer performance enhancements and extend SQL Server functionality. However, because the extended stored procedure DLL and SQL Server share the same address space, a problem procedure can adversely affect SQL Server functioning. Although exceptions thrown by the extended stored procedure DLL are handled by SQL Server, it is possible to damage SQL Server data areas. As a security precaution, only SQL Server system administrators can add extended stored procedures to SQL Server. These procedures should be thoroughly tested before they are installed.