[Info-vax] Flaw in SQLite: CVE-2022-35737
Craig A. Berry
craigberry at nospam.mac.com
Sun Oct 30 17:57:44 EDT 2022

On 10/30/22 1:14 PM, John Dallman wrote:
> In article <193501bd-d3a4-4f9a-b05d-3fc7179cc9c4n at googlegroups.com>,
> osuvman50 at gmail.com (David Jones) wrote:
>
>> Note that the bug only applies if the application can generate a
>> buffer larger than 2^31 bytes as a printf argument, meaning it's
>> practically not exploitable for 32-bit builds.
>
> Quite a lot of software has dropped its 32-bit builds, and nobody would
> want to have different versions of SQLite between their 32- and 64-bit
> builds. In the Linux and Windows worlds, there isn't all that much
> software left that's 32-bit-only. It's extinct on iOS and macOS, with
> Android heading that way quite fast.
>
> I checked on one of work's products that I remembered used SQLite, and
> was pleased to discover it was removed two years ago.

I don't know what the pointer sizes are on the builds of SQLite for VMS,
but even with 64-bit pointers I'm pretty sure the size of a single
object is limited to 2GB on VMS. It would take some work to figure out
whether that in itself defeats the exploit or just creates a different
failure pattern.