From ff4548f06a056661142d714596efe266fa78814e Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Wed, 16 Mar 2022 07:57:30 -0400
Subject: dbstore/sql/init.sql: fix cisa field limits
---
dbstore/sql/init.sql | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
(limited to 'dbstore')
diff --git a/dbstore/sql/init.sql b/dbstore/sql/init.sql
index 1e9ec15..0e05c6a 100644
--- a/dbstore/sql/init.sql
+++ b/dbstore/sql/init.sql
@@ -803,7 +803,7 @@ CREATE TABLE cisa_vendors (
-- vendor/project name
name TEXT UNIQUE NOT NULL CHECK (
- -- FIXME: not sure about max length here
+ -- current range: [2, 18]
LENGTH(name) BETWEEN 1 AND 256
)
);
@@ -817,14 +817,25 @@ CREATE TABLE cisa_products (
-- product name
name TEXT UNIQUE NOT NULL CHECK (
- -- FIXME: not sure about max length here
- LENGTH(name) BETWEEN 1 AND 256
+ -- current range: [0, 179]
+ LENGTH(name) BETWEEN 0 AND 512
)
);
--
-- CISA KEV catalog vulnerabilities
--
+-- current vulnerability list field size ranges:
+-- name,min,max
+-- cveID,13,16
+-- dateAdded,10,10
+-- dueDate,10,10
+-- product,0,179
+-- requiredAction,38,79
+-- shortDescription,0,1389
+-- vendorProject,2,18
+-- vulnerabilityName,11,138
+
CREATE TABLE cisa_vulns (
-- vulnerability unique ID
vuln_id INTEGER PRIMARY KEY,
@@ -855,7 +866,7 @@ CREATE TABLE cisa_vulns (
-- vulnerability name
name TEXT NOT NULL CHECK (
- -- FIXME: not sure about max length here
+ -- current range: [11, 138]
LENGTH(name) BETWEEN 1 AND 1024
),
@@ -864,13 +875,13 @@ CREATE TABLE cisa_vulns (
-- short description of vulnerability
description TEXT NOT NULL CHECK (
- -- FIXME: not sure about max length here
- LENGTH(description) BETWEEN 1 AND 2048
+ -- current range: [0, 1389]
+ LENGTH(description) BETWEEN 0 AND 2048
),
-- required action
action TEXT NOT NULL CHECK (
- -- FIXME: not sure about max length here
+ -- current range: [38, 79]
LENGTH(action) BETWEEN 1 AND 2048
),
--
cgit v1.2.3