mirror of
https://github.com/redis/redis.git
synced 2026-05-28 04:02:46 -04:00
Fix HEXPIRE numfields overflow (#15021)
Some checks are pending
CI / test-ubuntu-latest (push) Waiting to run
CI / test-sanitizer-address (push) Waiting to run
CI / build-debian-old (push) Waiting to run
CI / build-macos-latest (push) Waiting to run
CI / build-32bit (push) Waiting to run
CI / build-libc-malloc (push) Waiting to run
CI / build-centos-jemalloc (push) Waiting to run
CI / build-old-chain-jemalloc (push) Waiting to run
Codecov / code-coverage (push) Waiting to run
External Server Tests / test-external-standalone (push) Waiting to run
External Server Tests / test-external-cluster (push) Waiting to run
External Server Tests / test-external-nodebug (push) Waiting to run
Spellcheck / Spellcheck (push) Waiting to run
Some checks are pending
CI / test-ubuntu-latest (push) Waiting to run
CI / test-sanitizer-address (push) Waiting to run
CI / build-debian-old (push) Waiting to run
CI / build-macos-latest (push) Waiting to run
CI / build-32bit (push) Waiting to run
CI / build-libc-malloc (push) Waiting to run
CI / build-centos-jemalloc (push) Waiting to run
CI / build-old-chain-jemalloc (push) Waiting to run
Codecov / code-coverage (push) Waiting to run
External Server Tests / test-external-standalone (push) Waiting to run
External Server Tests / test-external-cluster (push) Waiting to run
External Server Tests / test-external-nodebug (push) Waiting to run
Spellcheck / Spellcheck (push) Waiting to run
Validate HEXPIRE-family field counts without parser overflow keep flexible option order; only require fields fit in argv add tests for INT_MAX numfields across HEXPIRE/HPEXPIRE/HEXPIREAT/HPEXPIREAT
This commit is contained in:
Moti Cohen
GitHub
parent
e8da0e5b47
commit
e1d35aca01
2 changed files with 8 additions and 2 deletions
|
|
@ -3608,15 +3608,16 @@ static int parseHashCommandArgs(client *c, HashCommandArgs *args,
|
|||
&numFields, "Parameter `numFields` should be greater than 0") != C_OK)
|
||||
return C_ERR;
|
||||
|
||||
args->fieldCount = (int)numFields;
|
||||
args->firstFieldPos = i + 2;
|
||||
|
||||
/* Check bounds - we must have exactly the right number of fields */
|
||||
if (args->firstFieldPos + args->fieldCount > c->argc) {
|
||||
if (numFields > c->argc - args->firstFieldPos) {
|
||||
addReplyError(c, "wrong number of arguments");
|
||||
return C_ERR;
|
||||
}
|
||||
|
||||
args->fieldCount = (int)numFields;
|
||||
|
||||
/* Skip over the field arguments */
|
||||
i = args->firstFieldPos + args->fieldCount - 1;
|
||||
continue;
|
||||
|
|
|
|||
|
|
@ -2359,6 +2359,11 @@ start_server {tags {"hash"}} {
|
|||
assert_error {*Parameter*numFields*should be greater than 0*} {r HEXPIRE myhash 60 FIELDS -1 f1}
|
||||
assert_error {*invalid number of fields*} {r HSETEX myhash FIELDS 0 f1 v1 EX 60}
|
||||
assert_error {*invalid number of fields*} {r HGETEX myhash FIELDS 0 f1 EX 60}
|
||||
set future_sec [expr {[clock seconds] + 60}]
|
||||
set future_ms [expr {[clock milliseconds] + 60000}]
|
||||
foreach {cmd expire} [list HEXPIRE 60 HPEXPIRE 60000 HEXPIREAT $future_sec HPEXPIREAT $future_ms] {
|
||||
assert_error {*wrong number of arguments*} [list r $cmd myhash $expire FIELDS 2147483647 f1]
|
||||
}
|
||||
|
||||
# Test missing FIELDS keyword
|
||||
assert_error {*unknown argument*} {r HEXPIRE myhash 60 2 f1 f2}
|
||||
|
|
|
|||
Loading…
Reference in a new issue