Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Roger Binns
On 14/06/13 10:31, Maxim Khitrov wrote: > I'm writing SQLite bindings for Go [1]. I'm the author of SQLite bindings for Python - APSW. One choice I made was to mimic SQLite semantics into Python - essentially if it is a function call/expensive operat

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread James K. Lowden
On Thu, 13 Jun 2013 21:27:33 -0400 Igor Tandetnik wrote: > On 6/13/2013 9:15 PM, Maxim Khitrov wrote: > > This works and also triggers SQLITE_SCHEMA with v1 interface. I did > > a few more tests and it looks like the schema changes are ignored > > if the statement is in the middle of iteration. A

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Kevin Benson
On Fri, Jun 14, 2013 at 6:34 PM, Filipe Madureira < filipe.madure...@sysdevsolutions.com> wrote: > Hi, > > Thanks for the great help. > I tracked the problem to et_getdigit() > More precisely to: > digit = (int)*val; > > So, SQLite is assuming that "double" to "int" cast will truncate the > value.

Re: [sqlite] How to interrupt a long running update without roll back?

2013-06-14 Thread Simon Slavin
On 14 Jun 2013, at 11:29pm, DL wrote: > UPDATE T set C1 = calculation(C2) where C1 is NULL > If table is large, this update may take many seconds or even minutes. > During this time all other queries on this table fail with "database is > locked" > after connection timeout expires (currently my

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Filipe Madureira
Hi, Thanks for the great help. I tracked the problem to et_getdigit() More precisely to: digit = (int)*val; So, SQLite is assuming that "double" to "int" cast will truncate the value. This should be true. But in this device this is not happening, so if "val" is 2.55 I get 3 in "digit". Anyon

[sqlite] How to interrupt a long running update without roll back?

2013-06-14 Thread DL
Hi, I have a long running multirow update such as: UPDATE T set C1 = calculation(C2) where C1 is NULL If table is large, this update may take many seconds or even minutes. During this time all other queries on this table fail with "database is locked" after connection timeout expires (currently my

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Roger
Would this not work for you? http://stackoverflow.com/questions/7426205/sqlite-adding-comments-to-tables-and-columns .schema On 13-06-14 11:00 AM, Dave Wellman wrote: Thanks Clemens, that is probably a workable option (at least for me). As someone else noted, the PRAGMA user_version will no

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Nico Williams
IMO you should provide a function to invalidate the cache and also one to check the schema version number, then leave it to the application to decide when or if to bother with this.

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Maxim Khitrov
On Fri, Jun 14, 2013 at 12:56 PM, Maxim Khitrov wrote: > On Thu, Jun 13, 2013 at 9:27 PM, Igor Tandetnik wrote: >> On 6/13/2013 9:15 PM, Maxim Khitrov wrote: >>> >>> This works and also triggers SQLITE_SCHEMA with v1 interface. I did a >>> few more tests and it looks like the schema changes are i

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Maxim Khitrov
On Fri, Jun 14, 2013 at 1:16 PM, Simon Slavin wrote: > > > On 14 Jun 2013, at 5:56pm, Maxim Khitrov wrote: > >> Unconditionally invalidating the cache after each initial call to step >> will add a bit of overhead when repopulating the values. > > Do you think that every single user of SQLite does

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Simon Slavin
On 14 Jun 2013, at 5:56pm, Maxim Khitrov wrote: > Unconditionally invalidating the cache after each initial call to step > will add a bit of overhead when repopulating the values. Do you think that every single user of SQLite does this ? Have you ever seen it included in the source code of a

Re: [sqlite] Pager bugs(?)

2013-06-14 Thread Dan Kennedy
On 06/14/2013 10:55 PM, Jan Slodicka wrote: (Applies to SQLITE 3.7.15.2 (but v3.7.17.0 uses the same code)) Pager bug(?): Following code excerpt from sqlite3.c should crash if pPage==NULL && createFlag==0: static sqlite3_pcache_page *pcache1Fetch( sqlite3_pcache *p, unsigned int iKey,

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Igor Tandetnik
On 6/14/2013 10:17 AM, Finn Wilcox wrote: Yes but it is defined once-per-file instead of once-per-table. "we've found that the use of a single place to store our version number makes the checking much easier." -- Igor Tandetnik

Re: [sqlite] Prepared statement invariants

2013-06-14 Thread Maxim Khitrov
On Thu, Jun 13, 2013 at 9:27 PM, Igor Tandetnik wrote: > On 6/13/2013 9:15 PM, Maxim Khitrov wrote: >> >> This works and also triggers SQLITE_SCHEMA with v1 interface. I did a >> few more tests and it looks like the schema changes are ignored if the >> statement is in the middle of iteration. As y

Re: [sqlite] sqlite security

2013-06-14 Thread Igor Tandetnik
On 6/14/2013 11:42 AM, Keith Medcalf wrote: You do not need to overwrite system DLLs (which would be detectable). You merely need to inject/change code on a loaded shared code segment. Granted, you still need a privilege escalation exploit to be able to do so initially. Yes, once you got ro

[sqlite] Pager bugs(?)

2013-06-14 Thread Jan Slodicka
(Applies to SQLITE 3.7.15.2 (but v3.7.17.0 uses the same code)) Pager bug(?): Following code excerpt from sqlite3.c should crash if pPage==NULL && createFlag==0: static sqlite3_pcache_page *pcache1Fetch( sqlite3_pcache *p, unsigned int iKey, int createFlag ){ { ... if( pPage || createF

Re: [sqlite] sqlite security

2013-06-14 Thread Keith Medcalf
You do not need to overwrite system DLLs (which would be detectable). You merely need to inject/change code on a loaded shared code segment. Granted, you still need a privilege escalation exploit to be able to do so initially. This is not a common exploit because, while not particularly diff

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Dave Wellman
Thanks Clemens, that is probably a workable option (at least for me). As someone else noted, the PRAGMA user_version will not work for us as it is one value per db file and we want to set this per table. Cheers, Dave

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Clemens Ladisch
Alexey Pechnikov wrote: > It's very important to have place to store table metainformation. In all > common DBMSs we can use TABLE/COLUMN COMMENT as meta description of table > but SQLite doesn't support it. SQLite saves comments in table/view/index/trigger definitions: sqlite> create table t(x /

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Finn Wilcox
On 14/06/2013 15:03, Igor Tandetnik wrote: > On 6/14/2013 9:59 AM, Dave Wellman wrote: >> We use a COMMENT to store information about the version of our >> tables that are in place on the customer system. > > PRAGMA user_version is intended for this v

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Igor Tandetnik
On 6/14/2013 9:59 AM, Dave Wellman wrote: We use a COMMENT to store information about the version of our tables that are in place on the customer system. PRAGMA user_version is intended for this very purpose. -- Igor Tandetnik

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Dave Wellman
I'd just like to add my penny's worth to this discussion. We use a COMMENT to store information about the version of our tables that are in place on the customer system. Assume that we start with 'v1' of our tables that have 3 columns. For a variety of reasons we might add a 4th column in 'v2'.

Re: [sqlite] sqlite security

2013-06-14 Thread Igor Tandetnik
On 6/14/2013 9:44 AM, Keith Medcalf wrote: Some Operating Systems (such as any version of Microsoft Windows) cannot be protected from these sorts of attacks, so if you are running Windows, then your probability of compromise is 100%, and the estimated lifetime of your "security barrier" is zero

Re: [sqlite] sqlite security

2013-06-14 Thread Keith Medcalf
You have far more security vulnerabilities inherent in the (quite often mis-)design of the operating system, development tools and libraries; and idiotic decisions made by application designers themselves. You don't want to put the cart in front of the horse. Compromise in your (briefly state

Re: [sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Igor Tandetnik
On 6/13/2013 10:23 AM, Alexey Pechnikov wrote: It's very important to have place to store table metainformation. You are the first person in years who asked for it, so it's probably not *that* important. In all common DBMSs we can use TABLE/COLUMN COMMENT as meta description of table but SQ

Re: [sqlite] sqlite security

2013-06-14 Thread Igor Tandetnik
On 6/14/2013 7:39 AM, Simon Slavin wrote: On 14 Jun 2013, at 11:18am, Toby Dickenson wrote: To what extent is this IPC mechanism a risk of privilege escalation, whereby any malicious code injected into the first process might be able to use the shared database to attack the second process. T

Re: [sqlite] Multiprocess accessing SQLite connection

2013-06-14 Thread Richard Hipp
On Fri, Jun 14, 2013 at 9:10 AM, Vijay Khurdiya < vijay.khurd...@securetogether.com> wrote: > Please confirm below statement is TRUE when SQLite3 is configured in thread > safe mode. (I am checking for Serialized) > > "Multiple processes can access same database connection"? > False. A "database conn

[sqlite] Multiprocess accessing SQLite connection

2013-06-14 Thread Vijay Khurdiya
Please confirm below statement is TRUE when SQLite3 is configured in thread safe mode. (I am checking for Serialized) "Multiple processes can access same database connection"? Bye

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Arjen Markus
Hi Richard, On Fri, 14 Jun 2013 08:26:19 -0400 Richard Hipp wrote: SQLite has its own printf() implementation. It has to. If it used system printf(), then certain LOCALE settings would turn "." into "," and introduce syntax errors. The built-in printf() of SQLite also introduces a numbe

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Richard Hipp
On Fri, Jun 14, 2013 at 8:19 AM, Arjen Markus wrote: > I have no solution to offer and you probably thought of it > yourself too, but the + might be an attempt (rather > superfluous and annoying) to indicate upward rounding > took place. > > Does this happen with an ordinary C program too? The cul

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Noel Frankinet
Hello, The pda probably has no floating point support, you should check how sqlite has been compiled. Best wishes Noël On 14 June 2013 14:19, Arjen Markus wrote: > Hi Filipe, > > > On Thu, 13 Jun 2013 15:59:35 +0100 > Filipe Madureira > > > wrote: > >> Hi, >> >> I have a problem executing a q

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Richard Hipp
On Thu, Jun 13, 2013 at 10:59 AM, Filipe Madureira < filipe.madure...@sysdevsolutions.com> wrote: > can someone tell me where in the source code the float (or double, I > don't know) value of 2.55 is being converted to a string to be outputted > Floating point to ASCII conversion happens here:

Re: [sqlite] float to string conversion problem

2013-06-14 Thread Arjen Markus
Hi Filipe, On Thu, 13 Jun 2013 15:59:35 +0100 Filipe Madureira wrote: Hi, I have a problem executing a query on a WinCE6 ARM device. I have used SQLite for years and tested on all types of devices including WinCE6 ARM and never had a problem. But I have one problem on a particular device that ha

[sqlite] float to string conversion problem

2013-06-14 Thread Filipe Madureira
Hi, I have a problem executing a query on a WinCE6 ARM device. I have used SQLite for years and tested on all types of devices including WinCE6 ARM and never had a problem. But I have one problem on a particular device that has a Texas Instruments ARM CPU with WinCE6. A very simple way to reproduce

[sqlite] Feature request: add support for COMMENT statement

2013-06-14 Thread Alexey Pechnikov
Hello! It's very important to have place to store table metainformation. In all common DBMSs we can use TABLE/COLUMN COMMENT as meta description of table but SQLite doesn't support it. COMMENTs are supported from very old to new PostgreSQL: http://www.postgresql.org/docs/7.1/static/sql-comment.ht

Re: [sqlite] sqlite security

2013-06-14 Thread Simon Slavin
On 14 Jun 2013, at 11:18am, Toby Dickenson wrote: > Suppose I have two processes which communicate via a shared database. > One process is internet-facing, and therefore carries a risk of being > compromised. The second process is running under a different uid, and > has access to other files wh

Re: [sqlite] SQLite3 Database access

2013-06-14 Thread Simon Slavin
On 14 Jun 2013, at 4:55am, Vijay Khurdiya wrote: > I am quite new with SQLite3, tried sample application to create, read & write > database using SQLite3. > > Now I am trying to write test where multiple process are trying to access > database using SQLite3. To get best result w.r.t Speed &

[sqlite] sqlite security

2013-06-14 Thread Toby Dickenson
Hi all, I have a question about security considerations for using sqlite. Suppose I have two processes which communicate via a shared database. One process is internet-facing, and therefore carries a risk of being compromised. The second process is running under a different uid, and has access to