On Wed, Apr 29, 2015 at 7:37 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> Hi Rowan, > > On Thu, Apr 30, 2015 at 11:17 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: > > > > >> A fatal error wouldn't constitute a DoS vulnerability, would it? > >>>> > >>>> Attacker may inject huge ID value and/or they may simply access > >>> web sites to reach 2 billion limit, for example. > >>> > >> > >> That's not a DoS vector unless you've also done something else wrong, > >> it's just an embarassing error like many others. A lot of the time, the > DB > >> will overflow first anyway, because an SQL "int" is signed 32-bit. Hell, > >> YouTube had a 32-bit int for number of views until Gangnam Style > overflowed > >> it! > >> > > > > Not really. Primary key is out of user control almost always. However, > > suppose code allows to specify foreign key and code assumes that non > > existing foreign key results in search query failure. > > > > Current PHP: Search query failure. > > New PHP type hint: Fatal error because foreign key is out of PHP int > range. > > > > If user are using type hints everywhere, it may be limited to attackers > > seeing fatal errors. If not, attacker can succeed system wide DoS attack > by > > simple operation. > > > > I should have mentioned that I'm supposing DBMS like SQLite here. > As we know, SQLite column accepts any value including value beyond 64 bit > int. > > https://www.sqlite.org/datatype3.html > (Those who don't now "Type Affinity", please read the section) > > SQLite is the most used RDBMS in the world. > > MySQL supports unsigned 64 bit integer also, BTW. > > Regards, > > -- > Yasuo Ohgaki > yohg...@ohgaki.net > Are you asking to have both the 32 and 64 bit versions of PHP fully map to the type system in SQLite? The type system in SQLite appears to have been setup to map to programming language that lots of types (modern C, C++, maybe Java) rather than PHP. I think you might have an easier time fixing the SQLite adaptor for PHP than making both 32 and 64 bit PHP map to the type structure for SQLite completely transparently with full type defs. -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
