Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

A nit: it's not necessarily just applications that accept arbitrary queries, but also applications that use sqlite as a file format.


Yes - good point. Programs accepting SQLite databases as input (as opposed to just queries) are also vulnerable. The exploit is probably somewhat harder if you don’t have interactivity, since it would depend on exactly how the corrupt database gets used.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: