Feature #264
libsqlfs: check to make sure PATH_MAX is always smaller than SQLite's max key size
| Status: | New | Start date: | 08/27/2012 | |
|---|---|---|---|---|
| Priority: | Low | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | - | |||
| Component: | libsqlfs |
Description
PATH_MAX varies in size from OS to OS. Right now, sqlfs uses PATH_MAX internally to limit that size, but there is no checking to make sure that PATH_MAX is not bigger than SQLite can handle.
History
#1 Updated by abeluck over 5 years ago
- Assignee set to abeluck
#2 Updated by hans about 5 years ago
I looked into this and it looks like the only relevant limit is SQLITE_MAX_LENGTH, which defaults to 1000000000. SQLITE_MAX_LENGTH is settable at compile time. The discussion of SQLITE_MAX_LENGTH mentions that for security conscious apps, SQLITE_MAX_LENGTH should be reduced. The idea is to avoid DoS attacks based on really long strings.
I wonder whether this should be flipped, so that we're actually setting SQLITE_MAX_LENGTH to our PATH_MAX. It limits blobs and strings, and I think that data is written in 4k blocks into blobs.
#3 Updated by abeluck almost 5 years ago
- Component set to libsqlfs
#4 Updated by abeluck almost 5 years ago
- Assignee deleted (
abeluck) - Target version set to 61
#5 Updated by hans almost 4 years ago
- Target version deleted (
61)