-
-
Notifications
You must be signed in to change notification settings - Fork 31.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[sqlite3] SQLITE_LIMIT_LENGTH is incorrectly used to check statement length #89915
Comments
In Modules/_sqlite/statement.c pysqlite_statement_create() and Modules/_sqlite/cursor.c pysqlite_cursor_executescript_impl(), we incorrectly use SQLITE_LIMIT_LENGTH to check statement length. However, the correct limit is *SQLITE_LIMIT_SQL_LENGTH*. ### Alternative 1: ### Alternative 2: ### Alternative 3: See also: |
BTW, this only affects the code in main. |
In alternative 1 we control the type and the message of exception. In alternative 3 we left this to the SQLite3 engine. It is difficult to keep consistency in alternative 2, errors raised for sizes less and larger than INT_MAX can be different. I think this is a serious drawback of this alternative. What happens if set SQLITE_LIMIT_SQL_LENGTH to 0 or negative value? Would it be interpreted as "no limit"? |
I'm leaning towards alt 1. It is also easy to test all paths with that option. But I also think alt 3 is ok. It makes for easier code to maintain. Alt 2 is, as you say, the weakest alternative.
I'm not sure about 0; I'll try to find out. If you supply -1, you are querying the limit category, not setting it. |
In this case, the limit is actually zero: >>> cx.setlimit(sqlite3.SQLITE_LIMIT_SQL_LENGTH, 0)
1024
>>> cx.execute("select 1")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
sqlite3.DataError: string or blob too big |
Also, SQLITE_LIMIT_LENGTH and SQLITE_LIMIT_SQL_LENGTH is inclusive in SQLite. We should treat them likewise. |
I believe it is best to go with alternative 1. The error strings produced by SQLite may change from release to release, so for example a buildbot update may suddenly break the CI. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: