[Info-vax] Flaw in SQLite: CVE-2022-35737
David Jones
osuvman50 at gmail.com
Sun Oct 30 21:12:05 EDT 2022
On Sunday, October 30, 2022 at 5:57:49 PM UTC-4, Craig A. Berry wrote:
> I don't know what the pointer sizes are on the builds of SQLite for VMS,
> but even with 64-bit pointers I'm pretty sure the size of a single
> object is limited to 2GB on VMS. It would take some work to figure out
> whether that in itself defeats the exploit or just creates a different
> failure pattern.
The default VMS build is 32-bit but you do have the option to build 64-bit
versions of the images and libraries. The alternate versions have "64" appended
to the file name or type (e.g. sqlite3shr64.exe, sqlite3.olb64) so can co-exist
with the regular build.
More information about the Info-vax
mailing list