On Jan 12, 2008, at 9:59 AM, Alan Runyan wrote:
...
ZODB's error handling of transaction header length may be incorrect as well:


the code in FileStorage.py:

def _begin(self, tid, u, d, e):
    self._nextpos = 0
    self._thl = TRANS_HDR_LEN + len(u) + len(d) + len(e)
    if self._thl > 65535:
        # one of u, d, or e may be > 65535
       # We have to check lengths here because struct.pack
       # doesn't raise an exception on overflow
       if len(u) > 65535:
           raise FileStorageError('user name too long')
       if len(d) > 65535:
            raise FileStorageError('description too long')
       if len(e) > 65535:
           raise FileStorageError('too much extension data')

1. What if each u, d, e were each 32k?  this exception would
not be triggered.

And it shouldn't be. Each has their own 2-byte length field in the transaction header,

If I ever do FileStorage2 (don't hold your breath) I'd combine the user and description with the extension data into a single field with a 4-byte length.

Jim

--
Jim Fulton
Zope Corporation


_______________________________________________
For more information about ZODB, see the ZODB Wiki:
http://www.zope.org/Wikis/ZODB/

ZODB-Dev mailing list  -  ZODB-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zodb-dev

Reply via email to