Go to file
Drew DeVault a8edd3f6ac Prevent unbounded recursive pattern matching
Fix for CVE-2024-31228

This patch was provided to us by Valkey, who received it from Redis Ltd.

> Authenticated users can trigger a denial-of-service by using specially
> crafted, long string match patterns on supported commands such as
> KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL
> definitions. Matching of extremely long patterns may result in
> unbounded recursion, leading to stack overflow and process crash.

Fixes https://codeberg.org/redict/redict/issues/56

Signed-off-by: Drew DeVault <sir@cmpwn.com>
2024-09-16 09:08:35 +02:00
.builds .builds/matrix.yml: distclean between runs 2024-04-02 11:08:59 +02:00
.forgejo/workflows Add build and test workflow 2024-07-04 16:30:42 +02:00
.reuse REUSE: Add copyright for .forgejo/workflows/run-tests.yaml 2024-09-07 13:40:35 +02:00
deps Fix integer overflow bug in Lua bit_tohex 2024-09-16 09:08:14 +02:00
LICENSES Add missing LGPL-3.0-or-later license text 2024-03-25 13:53:26 +13:00
src Prevent unbounded recursive pattern matching 2024-09-16 09:08:35 +02:00
tests Prevent unbounded recursive pattern matching 2024-09-16 09:08:35 +02:00
utils utils/generate-module-api-doc.rb: update for redict.io 2024-03-26 10:50:41 +01:00
.editorconfig Add .editorconfig 2024-03-23 13:44:50 +01:00
.gitattributes Fix commands.c build issue on merge (#10172) 2022-01-25 12:24:06 +02:00
.gitignore Rename source files and make targets 2024-03-21 10:49:18 +01:00
CODE_OF_CONDUCT.md Update CODE_OF_CONDUCT.md 2024-03-26 14:13:57 +01:00
CONTRIBUTING.md Update top-level documentation 2024-03-22 13:41:12 +01:00
Makefile Makefile: add support to DESTDIR 2024-03-25 11:24:24 +00:00
README.md Mention USE_SYSTEM_HIREDICT setting in README 2024-04-14 11:54:28 +03:00
redict.conf Make pidfile section more clear 2024-07-29 11:54:38 +02:00
runtest all: let's go LGPL over GPL 2024-03-21 20:11:44 +01:00
runtest-cluster all: let's go LGPL over GPL 2024-03-21 20:11:44 +01:00
runtest-moduleapi all: let's go LGPL over GPL 2024-03-21 20:11:44 +01:00
runtest-sentinel all: let's go LGPL over GPL 2024-03-21 20:11:44 +01:00
SECURITY.md Update SECURITY.md 2024-03-26 14:20:40 +01:00
sentinel.conf sentinel.conf: redis => redict 2024-03-21 10:43:01 +01:00
TLS.md TLS.md: Redis => Redict 2024-03-22 13:44:30 +01:00

Redict

Redict is a distributed key/value store (a remote dictionary, if you will).

Redict is an independent fork of Redis®* OSS 7.2.4 licensed under the Lesser GNU General Public license (LGPL-3.0-only). Redict is not affiliated with Redis®.

Installation and usage

For documentation on Redict's installation and usage, consult the website. The intended audience of this README file are those who wish to build Redict from source for development purposes.

Building Redict from source

Redict only requires a compatible operating system (Unix-like), a standard C11 toolchain, and GNU make. To build Redict, simply run "make".

Customizing the build

You can pass the following variables to Redict to customize the build:

  • USE_JEMALLOC=no MALLOC=libc: use the libc allocator rather than jemalloc
  • USE_SYSTEM_JEMALLOC=yes: use the system's installed jemalloc libraries rather than the vendored copy.
  • USE_SYSTEM_HIREDICT=yes: use the system's installed hiredict libraries rather than the vendored copy.
  • BUILD_TLS=yes: build with TLS support. Requires OpenSSL.
  • USE_SYSTEMD=yes: build with systemd support. Requires libsystemd.
  • PROG_SUFFIX="-suffix": Append "-suffix" to executable names

Running tests

To run the test suite, run ./runtest after the build. The following additional test suites are provided:

  • ./runtest-cluster: run cluster configuration tests
  • ./runtest-moduleapi: run Redict Module API tests
  • ./runtest-sentinel: run sentinel configuration tests

To run tests with TLS support enabled, build Redict with BUILD_TLS=yes and generate test certificates with ./utils/gen-test-certs.sh. You may then run ./runtests --tls to run the test suite with TLS testing enabled.

Running Redict

After building Redict, simply run ./src/redict-server. You may connect to it with ./src/redict-cli.

For details on TLS usage, consult TLS.md.


* Redis is a registered trademark of Redis Ltd. Any rights therein are reserved to Redis Ltd. Any use by the Redict project is for referential purposes only and does not indicate any sponsorship, endorsement or affiliation between Redis and the Redict project.