Forum OpenACS Q&A: Re: Security: cgi-bin/cachemgr.cgi A*4096 attack?

Posted by Don Baccus on
Looks like Oracle varchars are limited to 4096 characters ... which we already know, right?

It's converting the bindvar to a varchar in order to do the comparison.

I'd say that it's probably not worth bothering to change the code to return a more immediately comprehensible error message.