Age | Commit message (Collapse) | Author |
|
This fix prevents hiredis from trying to allocate more than `SIZE_MAX`
bytes, which would result in a buffer overrun.
[Full Details](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2)
|
|
We need to allow our users to use redisContext->privdata as context
for any RESP3 PUSH messages, which means we can't use it for managing
SSL connections.
Bulletpoints:
* Create a secondary redisContext member for internal use only called
privctx and rename the redisContextFuncs->free_privdata accordingly.
* Adds a `free_privdata` function pointer so the user can tie allocated
memory to the lifetime of a redisContext (like they can already do
with redisAsyncContext)
* Enables SSL tests in .travis.yml
|
|
Add an additional timeout so the user has a convenient way of controlling distinct connect and command timeouts
|
|
Proper support for RESP3 PUSH messages.
By default, PUSH messages are now intercepted and the reply memory freed.
This means existing code should work unchanged when connecting to Redis
>= 6.0.0 even if `CLIENT TRACKING` were then enabled.
Additionally, we define two callbacks users can configure if they wish to handle
these messages in a custom way:
void redisPushFn(void *privdata, void *reply);
void redisAsyncPushFn(redisAsyncContext *ac, void *reply);
See #825
|
|
When connecting with a timeout, we shouldn't also call `redisSetTimeout` which will implement a timeout for commands.
See related issue #722
|
|
Fix overflow bug in `sdsrange`
|
|
* Adds an indirection to every allocation/deallocation to allow users to
plug in ones of their choosing (use custom functions, jemalloc, etc).
* Gracefully handle OOM everywhere in hiredis. This should make it possible
for users of the library to have more flexibility in how they handle such situations.
* Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent
a possible overflow when transferring the task elements into a `redisReply`.
* Adds a configurable `max elements` member to `redisReader` that defaults to
2^32 - 1. This can be set to "unlimited" by setting the value to zero.
|
|
Fixes #815
|
|
Pull RESP3 verbatim string handling from Redis
Fixes #802
|
|
We currently perform a NULL check in redisGetReply and don't push the
reply back to the caller, but we don't free any reply meaning that this
will leak memory:
redisGetReply(context, NULL);
This change simply frees the reply if we were passed NULL.
Addresses #740
|
|
We should not attempt to keep the context and re-establish the
TLS connection for several reasons:
1. Maintain symmetry between redisConnect() and redisReconnect(), so in
both cases an extra step is required to initiate SSL.
2. The caller may also wish to reconfigure the SSL session and needs a
chance to do that.
3. It is not a practical thing to do on an async non-blocking connection
context.
|
|
|
|
Port RESP3 support from Redis.
|
|
|
|
This corresponds to commits d5c54f0b..bea09a7f in the redis repository.
|
|
|
|
With this change, Hiredis builds with MinGW and runs on Windows.
|
|
The redisFD type should be equal to the system native socket file
desciptor type (for POSIX, this is a plain int).
We also introduce the REDIS_INVALID_FD value, which maps to -1 on POSIX
systems.
|
|
This makes hiredis.c free from system calls related to socket I/O. This
is also makes the treatment of raw socket connections more similar to
the SSL backend.
|
|
|
|
|
|
This helps us detect use-after-free
|
|
|
|
|
|
also, clean up redisContextInit -- we're just zeoring the struct
|
|
This reduces the boilerplate of all the redisConnectXXX functions, and
allows us to provide more connection options in the future.
|
|
|
|
Referred to redisContextReadReply which I cannot find in this codebase
nor the old redis-tools one. Presumably this meant to say
redisGetReplyFromReader which is how redisBufferRead is used in this
file. Could've also meant the interface function redisReaderGetReply.
|
|
This retrieves the actual error which occurred, as getsockopt is not
always reliable in this regard.
|
|
This makes createArray consistent with createString, which also takes
size_t. Bounds-check and unit tests are updated to allow up to
min(SIZE_MAX,LLONG_MAX).
Changelog is updated to mention this API break.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
free(NULL) is a valid NOP. Most of the hiredis free functions behave the
same way. redisReaderFree is updated to also be NULL-safe.
There is one redundant NULL check at sds.c:1036, but it's left as is
since sds is imported from upstream.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
calloc is guaranteed to provide a zero-initialized buffer. There is
no need to set fields to zero explicitly.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
Since _GNU_SOURCE is now guaranteed to be unset, it is no longer
necessary to support the GNU-specific version of strerror_r.
Drop __redis_strerror_r from the header, and call strerror_r directly.
This breaks any external users of this macro, but they shouldn't have
been using it in the first place.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
|
|
|
|
this issue is very significant, because not allow the proper execution of the "function redisCommandArgv". The server returns "invalid bulk length".
Thanks!
|
|
|
|
connection"
This reverts commit 1db17f257b1999114c699e77e204f1a91143e5ad.
If the `REDIS_CONNECTED` flag is cleared,
the async onDisconnect callback function will never be called.
This causes problems as the disconnect is never reported back to the user.
Closes #359
|
|
|
|
encountering defined constant 'unix' in GNU C environment (see commit d8145d79ce715054980938c751067ebaa541573c).
Not all code using hiredis can compile using '-std=c99', and/or not all users are able to easily make that change to the build process of various open-source projects, so it is more pragmatic to choose a different identifier that does not impose this requirement.
|
|
|
|
Originally implemented by @abedra as part of #306.
In case a write or read times out, we force an error state, because we
can't guarantuee that the next read will get the right data.
Instead we need to reconnect to have a clean-state connection, which is
now easily possible with this method.
|
|
This replaces the old intlen() implementation with a slightly
faster way of counting digits.
Implementation taken from the same place where digits10() in
redis/src/util.c came from.
The old 'intlen' allowed negative inputs, but no usage in hiredis
was passing negative numbers, so that ability is removed. Also,
the new implementation can count higher (uint64_t) instead of
limited to just int as before.
Fixes #295 by replacing implementation
|
|
|
|
The strerror_r API has two flavors depending on system options.
The bad flavor uses a static buffer for returning results, so if
you save the pointer from strerror_r, the string you're referencing
becomes useless if anybody else calls strerror_r again
The good flavor does what you expect: it writes the error to your buffer.
This commit uses strerror_r directly if it's a good version or copies
the static buffer into our private buffer if it's a bad version.
Thanks to gemorin for explaining the problem and drafting a fix.
Fixes #239
|
|
Makes hiredis reading functions easier to include in external projects
[fixed all merge conflicts against current version]
Closes #249
|
|
Previously, redisvAppendCommand() would return OOM even with formatting
errors. Now we use OTHER with an error string telling the user the
error was formatting related, not memory related.
This also fixes a potentially worse bug where were would pass error result
of -1 as an actual length to another function taking an unsigned length,
which would result in crash/overallocation/errors. Now for that case,
we just return an error immediately and stop processing the command.
Fixes #177
|
|
If realloc fails, the curargv will be NULL.
Closes #253
|
|
Check whether the obuf or reader is empty: if one of the items is empty,
free the redisContext.
|
|
Flags can occur in any order in format string, so we can't assume any order.
In original code, the redisvFormatCommand can process " %#+d" correctly,
but can't process "%+#d".
Closes #257
|