read: Ensure no invalid '\r' or '\n' in simple status/error strings

author: Alex Smith <aes7mv@virginia.edu> 2020-10-16 17:38:38 -0400
committer: michael-grunder <michael.grunder@gmail.com> 2021-02-25 21:25:17 -0800
commit: c6646cb19242b0e0966760b38e7df74742b3a7b2 (patch)
tree: cafa97854b531b392b144c3248232b6b70740e4d
parent: e43061156cffea910ab46dab1135e16e70774dce (diff)
download: hiredict-c6646cb19242b0e0966760b38e7df74742b3a7b2.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/read.c b/read.c
index 01fa9dc..89b5b5a 100644
--- a/read.c
+++ b/read.c
@@ -339,6 +339,13 @@ static int processLineItem(redisReader *r) {
                 obj = (void*)REDIS_REPLY_BOOL;
         } else {
             /* Type will be error or status. */
+            for (int i = 0; i < len; i++) {
+                if (p[i] == '\r' || p[i] == '\n') {
+                    __redisReaderSetError(r,REDIS_ERR_PROTOCOL,
+                            "Bad simple string value");
+                    return REDIS_ERR;
+                }
+            }
             if (r->fn && r->fn->createString)
                 obj = r->fn->createString(cur,p,len);
             else
author	Alex Smith <aes7mv@virginia.edu>	2020-10-16 17:38:38 -0400
committer	michael-grunder <michael.grunder@gmail.com>	2021-02-25 21:25:17 -0800
commit	c6646cb19242b0e0966760b38e7df74742b3a7b2 (patch)
tree	cafa97854b531b392b144c3248232b6b70740e4d
parent	e43061156cffea910ab46dab1135e16e70774dce (diff)
download	hiredict-c6646cb19242b0e0966760b38e7df74742b3a7b2.tar.xz