Uploaded image for project: 'CouchDB'
  1. CouchDB
  2. COUCHDB-2821

Prevent crash if user creates a database with a very long name



    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.0.0
    • None
    • None


      In couchdb before 2.0 a database create request would cleanly fail if the constructed filename for the database was too long for the underlying filesystem.

      In 2.0, the act of creating shard files and saving the shard map to the 'dbs' database happens concurrently. The latter will succeed even if the shard file creations fail, even if the reason for failure is fatal. CouchDB will also try to create these files if they are missing when queried. It is easy for the severity and frequency of those errors to take down the supervision tree.

      Guard against this by enhancing the database name validation function to reject names where any path segment exceeds 128 characters. Almost all filesystems can handle file and directory names of 255 characters at least but we constrain ourselves to half of this to allow room for system overhead (we already add a timestamp, for example).

      By 'path segment', I mean that 'foo/bar/baz' has three segments. When translated to disk, there will be a baz.couch file in the bar directory which is in the foo directory. We can be less aggressive than applying a maximum database name length, it is sufficient for each part to be under the limit. For exotic cases where names above 128 characters are desired, the use of multiple path segments could serve as a useful workaround.




            Unassigned Unassigned
            rnewson Robert Newson
            0 Vote for this issue
            3 Start watching this issue