(This blocks bug 1170564: [META] Failure to deal with short read ) For details of short read, and how to fix, please read the bug 1170564. Here in this bugzilla entry, it is pointed out that NSS DBM code (Berkeley db 1.85) ought to be updated to a new one. This code is used by both C-C TB and FF since it is under M-C tree. This code cannot cope with short read, and cause errors. It should be updated with later versions with more robustness and nice features such as shared DB access. (It is way too old: I think it is from the first half of 1990's). This was initially posted in a newsgroup posting by me . I found that if short read operation occurs against one of the following files under my MOZOBJ directory during |make mozmill| test, TB causes errors reported in the test log. "_tests/mozmill/mozmillprofile/cert8.db", "_tests/mozmill/mozmillprofile/key3.db", "_tests/mozmill/mozmillprofile/secmod.db" And I found these files are managed by NSS dbm code and the code inspection reveals that it is not safe from short read at all. In response to the posting, Philip Chee responded in the newsgroup posting , (line break positions have been changed somewhat.) --- begin quote --- According to Google, current versions of NSS can use SQLite for its backend. Butt the file names are different: key3.db -> key4.db cert8.db -> cert9.db secmod.db -> pkcs11.txt https://wiki.mozilla.org/NSS_Shared_DB https://blogs.oracle.com/meena/entry/what_s_new_in_nss1 Advantage is that Firefox/Thunderbird/SeaMonkey can all share the same files ........ > However, now that Sleepycat has been bought by Oracle, I am > not sure what is the good option left. I think v5 of Berkeley DB is still under the Sleepycat licence. --- end quote --- From my own testing, I can confirm SQLite seems to be solid in handling short read/write among many advantages it has. My emulation of short read/write was done against SQLite databases during tests, and I have not seen problems caused by them if I am not mistaken. SQLite library handles the necessary additional reads automagically. The casual code browsing I did many months ago also support this informally. > Advantage is that Firefox/Thunderbird/SeaMonkey can all > share the same files Frankly, I have no background to comment on this. But maybe if one needs to add local certificates due to organizational issues, there will be one less additional database to take care of. Re version v5 vs. v6. Oracle web page today has a link to v6 code. http://www.oracle.com/technetwork/database/database-technologies/berkeleydb/downloads/index.html If I am not mistaken, v6 even claims to have SQL interface based on SQLite (!). I don't know if it is done via talking to a separate engine or even incorporate the SQLite source code inside. Anyway, it looks replacing the current code with the new NSS code/backend seems a BIG WIN in the long run. What do people think? In the meantime, the bug caused by the short read is for real and acute. TIA  Bug 1170564 - [META] Failure to deal with short read  The second posting "DBM code too old (Re: mozmill test: Hightail ???)", in the newsgroup thread: https://groups.google.com/forum/#!topic/mozilla.dev.apps.thunderbird/G5UJxVa17SY  The third posting in the above newsgroup thread. PS: I have created a small patch for DBM code before not knowing the extent of the problem, but I think now it should be ditched and replaced with a new version.
Is there not already a bug about doing sqlite? I had a brief look around but didn't find one that's open.
Assignee: nobody → nobody
Component: Security → Libraries
Product: Core → NSS
Version: unspecified → trunk
You need to log in before you can comment on or make changes to this bug.