Merge pull request #4922 from 0xtonyxia/enhance-cli-security

Enhance security for redis-cli
2025-01-22 16:18:28 -05:00 · 2018-05-24 16:14:42 +02:00 · 2018-05-24 16:14:42 +02:00 · ef7ccad180
commit ef7ccad180
parent 8a200b04c3 95b988b6c6
1 changed files with 31 additions and 13 deletions
--- a/src/redis-cli.c
+++ b/src/redis-cli.c
@ -1058,7 +1058,7 @@ static int cliReadReply(int output_raw_strings) {
    return REDIS_OK;
 }

-static int cliSendCommand(int argc, char **argv, int repeat) {
+static int cliSendCommand(int argc, char **argv, long repeat) {
    char *command = argv[0];
    size_t *argvlen;
    int j, output_raw;
@ -1121,7 +1121,7 @@ static int cliSendCommand(int argc, char **argv, int repeat) {
    for (j = 0; j < argc; j++)
        argvlen[j] = sdslen(argv[j]);

-    while(repeat--) {
+    while(repeat-- > 0) {
        redisAppendCommandArgv(context,argc,(const char**)argv,argvlen);
        while (config.monitor_mode) {
            if (cliReadReply(output_raw) != REDIS_OK) exit(1);
@ -1229,6 +1229,7 @@ static int parseOptions(int argc, char **argv) {
        } else if (!strcmp(argv[i],"-n") && !lastarg) {
            config.dbnum = atoi(argv[++i]);
        } else if (!strcmp(argv[i],"-a") && !lastarg) {
+            fputs("Warning: Using a password with '-a' option on the command line interface may not be safe.\n", stderr);
            config.auth = argv[++i];
        } else if (!strcmp(argv[i],"-u") && !lastarg) {
            parseRedisUri(argv[++i]);
@ -1621,9 +1622,35 @@ static void repl(void) {
    cliRefreshPrompt();
    while((line = linenoise(context ? config.prompt : "not connected> ")) != NULL) {
        if (line[0] != '\0') {
+            long repeat = 1;
+            int skipargs = 0;
+            char *endptr = NULL;
+
            argv = cliSplitArgs(line,&argc);
+
+            /* check if we have a repeat command option and
+             * need to skip the first arg */
+            if (argv && argc > 0) {
+                errno = 0;
+                repeat = strtol(argv[0], &endptr, 10);
+                if (argc > 1 && *endptr == '\0') {
+                    if (errno == ERANGE || errno == EINVAL || repeat <= 0) {
+                        fputs("Invalid redis-cli repeat command option value.\n", stdout);
+                        sdsfreesplitres(argv, argc);
+                        linenoiseFree(line);
+                        continue;
+                    }
+                    skipargs = 1;
+                } else {
+                    repeat = 1;
+                }
+            }
+
+            /* Won't save auth command in history file */
+            if (!(argv && argc > 0 && !strcasecmp(argv[0+skipargs], "auth"))) {
                if (history) linenoiseHistoryAdd(line);
                if (historyfile) linenoiseHistorySave(historyfile);
+            }

            if (argv == NULL) {
                printf("Invalid argument(s)\n");
@ -1655,15 +1682,6 @@ static void repl(void) {
                    linenoiseClearScreen();
                } else {
                    long long start_time = mstime(), elapsed;
-                    int repeat, skipargs = 0;
-                    char *endptr;
-
-                    repeat = strtol(argv[0], &endptr, 10);
-                    if (argc > 1 && *endptr == '\0' && repeat) {
-                        skipargs = 1;
-                    } else {
-                        repeat = 1;
-                    }

                    issueCommandRepeat(argc-skipargs, argv+skipargs, repeat);