redis
/
hiredis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

read: Ensure no invalid '\r' or '\n' in simple status/error strings

master
Alex Smith 2020-10-16 17:38:38 -04:00 committed by michael-grunder
parent e43061156c
commit c6646cb192
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
read.c
View File

@ -339,6 +339,13 @@ static int processLineItem(redisReader *r) {
obj = (void*)REDIS_REPLY_BOOL;
} else {
/* Type will be error or status. */
for (int i = 0; i < len; i++) {
if (p[i] == '\r' || p[i] == '\n') {
__redisReaderSetError(r,REDIS_ERR_PROTOCOL,
"Bad simple string value");
return REDIS_ERR;
}
}
if (r->fn && r->fn->createString)
obj = r->fn->createString(cur,p,len);
else