[ 
https://issues.apache.org/jira/browse/COUCHDB-2821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14901553#comment-14901553
 ] 

ASF GitHub Bot commented on COUCHDB-2821:
-----------------------------------------

GitHub user rnewson opened a pull request:

    https://github.com/apache/couchdb-chttpd/pull/75

    Reject database names with path segments over 128 characters

    COUCHDB-2821

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/cloudant/couchdb-chttpd 2821-dbname-length

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/couchdb-chttpd/pull/75.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #75
    
----
commit 8fcf4ba517f9fd1b9ec5c0665f88e7a81d45b391
Author: Robert Newson <[email protected]>
Date:   2015-09-21T22:40:11Z

    Reject database names with path segments over 128 characters
    
    COUCHDB-2821

----


> Prevent crash if user creates a database with a very long name
> --------------------------------------------------------------
>
>                 Key: COUCHDB-2821
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2821
>             Project: CouchDB
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>            Reporter: Robert Newson
>
> In couchdb before 2.0 a database create request would cleanly fail if the 
> constructed filename for the database was too long for the underlying 
> filesystem.
> In 2.0, the act of creating shard files and saving the shard map to the 'dbs' 
> database happens concurrently. The latter will succeed even if the shard file 
> creations fail, even if the reason for failure is fatal. CouchDB will also 
> try to create these files if they are missing when queried. It is easy for 
> the severity and frequency of those errors to take down the supervision tree.
> Guard against this by enhancing the database name validation function to 
> reject names where any path segment exceeds 128 characters. Almost all 
> filesystems can handle file and directory names of 255 characters at least 
> but we constrain ourselves to half of this to allow room for system overhead 
> (we already add a timestamp, for example).
> By 'path segment', I mean that 'foo/bar/baz' has three segments. When 
> translated to disk, there will be a baz.couch file in the bar directory which 
> is in the foo directory. We can be less aggressive than applying a maximum 
> database name length, it is sufficient for each part to be under the limit. 
> For exotic cases where names above 128 characters are desired, the use of 
> multiple path segments could serve as a useful workaround.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to