redict

caleb-brown/redict

Fork 0

mirror of https://codeberg.org/redict/redict.git synced 2025-01-23 08:38:27 -05:00

Commit Graph

Author	SHA1	Message	Date
Oran Agra	c5e6a6204c	Fix ziplist and listpack overflows and truncations (CVE-2021-32627, CVE-2021-32628) (#9589 ) - fix possible heap corruption in ziplist and listpack resulting by trying to allocate more than the maximum size of 4GB. - prevent ziplist (hash and zset) from reaching size of above 1GB, will be converted to HT encoding, that's not a useful size. - prevent listpack (stream) from reaching size of above 1GB. - XADD will start a new listpack if the new record may cause the previous listpack to grow over 1GB. - XADD will respond with an error if a single stream record is over 1GB - List type (ziplist in quicklist) was truncating strings that were over 4GB, now it'll respond with an error. Co-authored-by: sundb <sundbcn@gmail.com>	2021-10-04 12:11:02 +03:00

Author

SHA1

Message

Date

Oran Agra

c5e6a6204c

Fix ziplist and listpack overflows and truncations (CVE-2021-32627, CVE-2021-32628) (#9589 )

- fix possible heap corruption in ziplist and listpack resulting by trying to
  allocate more than the maximum size of 4GB.
- prevent ziplist (hash and zset) from reaching size of above 1GB, will be
  converted to HT encoding, that's not a useful size.
- prevent listpack (stream) from reaching size of above 1GB.
- XADD will start a new listpack if the new record may cause the previous
  listpack to grow over 1GB.
- XADD will respond with an error if a single stream record is over 1GB
- List type (ziplist in quicklist) was truncating strings that were over 4GB,
  now it'll respond with an error.

Co-authored-by: sundb <sundbcn@gmail.com>

2021-10-04 12:11:02 +03:00

1 Commits