You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
assignee='https://github.com/erlend-aasland'closed_at=<Date2021-11-13.21:17:03.972>created_at=<Date2021-09-19.22:35:54.394>labels= ['extension-modules', 'type-feature']
title='[sqlite3] add support for changing connection limits'updated_at=<Date2021-11-13.21:17:03.972>user='https://github.com/erlend-aasland'
I propose to add wrappers for the SQLite sqlite3_limit() C API. Using this API, it is possible to query and set limits on a connection basis. This will make it easier (and faster) to test various corner cases in the test suite without relying on test.support.bigmemtest.
Quoting from the SQLite sqlite3_limit() docs:
Run-time limits are intended for use in applications that manage both their
own internal database and also databases that are controlled by untrusted
external sources. An example application might be a web browser that has its
own databases for storing history and separate databases controlled by
can be given the large, default limits. Databases managed by external
sources can be given much smaller limits designed to prevent a denial of
Limit categories (C&P from SQLite docs)
The maximum size of any string or BLOB or table row, in bytes.
The maximum length of an SQL statement, in bytes.
The maximum number of columns in a table definition or in the result set of a SELECT or the maximum number of columns in an index or in an ORDER BY or GROUP BY clause.
The maximum depth of the parse tree on any expression.
The maximum number of terms in a compound SELECT statement.
The maximum number of instructions in a virtual machine program used to implement an SQL statement. If sqlite3_prepare_v2() or the equivalent tries to allocate space for more than this many opcodes in a single prepared statement, an SQLITE_NOMEM error is returned.
The maximum number of arguments on a function.
The maximum number of attached databases.
The maximum length of the pattern argument to the LIKE or GLOB operators.
The maximum index number of any parameter in an SQL statement.
The maximum depth of recursion for triggers.
The maximum number of auxiliary worker threads that a single prepared statement may start.
Steve, do you think it is worth it adding an audit hook for setting connection limits?
Most of the limits are harmless, but limits that control recursion are more interesting.
Maximum Depth Of An Expression Tree
SQLite parses expressions into a tree for processing. During code
generation, SQLite walks this tree recursively. The depth of expression
trees is therefore limited in order to avoid using too much stack space.
[...] If the value is 0, then no limit is enforced.
Maximum Depth Of Trigger Recursion
SQLite limits the depth of recursion of triggers in order to prevent a
statement involving recursive triggers from using an unbounded amount of
Note also, how the SQLite docs talk about SQLITE_LIMIT_LENGTH:
Maximum length of a string or BLOB
[...] In security-sensitive applications it is best not to try to increase
the maximum string and blob length. In fact, you might do well to lower
the maximum string and blob length to something more in the range of a few
million if that is possible.