libsqlfs: check to make sure PATH_MAX is always smaller than SQLite's max key size
PATH_MAX varies in size from OS to OS. Right now, sqlfs uses PATH_MAX internally to limit that size, but there is no checking to make sure that PATH_MAX is not bigger than SQLite can handle.
#1 Updated by abeluck over 5 years ago
- Assignee set to abeluck
#2 Updated by hans about 5 years ago
I looked into this and it looks like the only relevant limit is SQLITE_MAX_LENGTH, which defaults to 1000000000. SQLITE_MAX_LENGTH is settable at compile time. The discussion of SQLITE_MAX_LENGTH mentions that for security conscious apps, SQLITE_MAX_LENGTH should be reduced. The idea is to avoid DoS attacks based on really long strings.
I wonder whether this should be flipped, so that we're actually setting SQLITE_MAX_LENGTH to our PATH_MAX. It limits blobs and strings, and I think that data is written in 4k blocks into blobs.