path: root/hiredis.c
Age | Commit message | Author
2022-09-01 | fix heap-buffer-overflow (#957) | zhangtaoXT5
Prevent incrementing past a `\0` in our format string.
Co-authored-by: Michael Grunder <michael.grunder@gmail.com>
Co-authored-by: Kristján Valur Jónsson <sweskman@gmail.com>
2022-09-01 | Add possibility to prefer IPv6, IPv4 or unspecified | Viktor Söderqvist
2022-09-01 | Fix heap-buffer-overflow issue in redisvFormatCommand | Björn Svensson
A command with a faulty formatting string that lacks the conversion specifier results in an ASAN heap-buffer-overflow. This was due to that strchr() matches on null-termination, which triggers a continuation of the string parsing.
2022-08-29 | Merge pull request #964 from afcidk/fix-createDoubleObject | Michael Grunder
Fix potential fault at createDoubleObject
2021-12-22 | Fix integer overflow when format command larger than 4GB (#1030) | sundb
2021-11-01 | Fix potential fault at createDoubleObject | Pei-Hsuan Hung
Resolves #963. Add additional check to `hi_malloc` for `r->str` when len equals SIZE_MAX.
2021-10-10 | Minor refactor of CVE-2021-32765 fix. | michael-grunder
Since `hi_calloc` always passes through one of our wrapper functions, we can perform this overflow in the wrapper, and get protection everywhere.
Previous commit: 76a7b10005c70babee357a7d0f2becf28ec7ed1e
Related vuln ID: CVE-2021-32765
[Full Details](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2)
2021-10-04 | Merge branch 'release/v1.0.1' | michael-grunder
Merge the v1.0.1 release branch and bump the dev version to 1.0.2-dev
2021-10-04 | Fix for integer/buffer overflow CVE-2021-32765 | Yossi Gottlieb
This fix prevents hiredis from trying to allocate more than `SIZE_MAX` bytes, which would result in a buffer overrun. [Full Details](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2)
2021-08-18 | Don't leak memory if an invalid type is set (#906) | rouzier
Co-authored-by: James Rouzier <jrouzier@inverse.ca>
2021-07-11 | Added REDIS_NO_AUTO_FREE_REPLIES flag (#962) | Meir Shpilraien (Spielrein)
When set, hiredis will not automatically free replies in an async context, and the replies must be freed instead by the user.
Co-authored-by: Michael Grunder <michael.grunder@gmail.com>
2021-04-02 | Change order independent push logic to not change behavior. | michael-grunder
Since redisGetReplyFromReader is exposed in a header file, we probably shouldn't modify how it behaves in any way. For this reason, handle the changed logic in an internal static helper method.
2021-04-02 | Handle the case where an invalidation is sent second. | michael-grunder
RESP3 invalidation messages always seemed to be sent before the response to a given command, but it appears this is not always the case: In Redis 6.2.0RC1 Redis sends the invalidation after the HSET in the following sequence:
```
hget hash field
$5
value
hset hash field value
:0
>2
$10
invalidate
*1
$4
hash
```
To account for this possibility just wrap redisGetReplyFromReader in a loop as it is called twice in redisGetReply.
2021-02-25 | read: Add support for the RESP3 bignum type | Alex Smith
2021-02-25 | redisReply: Fix parent type assertions during double, nil, bool creation | Alex Smith
Per RESP3, push messages are able to contain exactly what array messages can contain (that is, any other type).
2021-02-25 | redisReply: Explicitly list nil and bool cases in freeReplyObject() switch. | Alex Smith
2021-02-25 | redisReply: Fix - set len in double objects | Alex Smith
2020-10-17 | Fix handling of NIL invalidation messages. | michael-grunder
When CLIENT TRACKING is enabled, Redis will send an invalidation message with a NIL payload to all tracking clients after a FLUSHDB is executed. We didn't account for REDIS_REPLY_PUSH being a valid parent object to a NIL payload, and were failing an assertion. Additionally this commit adds a regression test for the logic.
2020-10-12 | clean a warning, remove empty else block | Guy Korland
2020-07-29 | Move SSL management to a distinct private pointer. (#855) | Michael Grunder
We need to allow our users to use redisContext->privdata as context for any RESP3 PUSH messages, which means we can't use it for managing SSL connections.
Bulletpoints:
* Create a secondary redisContext member for internal use only called privctx and rename the redisContextFuncs->free_privdata accordingly.
* Adds a `free_privdata` function pointer so the user can tie allocated memory to the lifetime of a redisContext (like they can already do with redisAsyncContext)
* Enables SSL tests in .travis.yml
2020-07-26 | add a command_timeout to redisContextOptions (#839) | valentinogeron
Add an additional timeout so the user has a convenient way of controlling distinct connect and command timeouts
2020-07-19 | Resp3 oob push support (#841) | Michael Grunder
Proper support for RESP3 PUSH messages. By default, PUSH messages are now intercepted and the reply memory freed. This means existing code should work unchanged when connecting to Redis >= 6.0.0 even if `CLIENT TRACKING` were then enabled. Additionally, we define two callbacks users can configure if they wish to handle these messages in a custom way:
    void redisPushFn(void *privdata, void *reply);
    void redisAsyncPushFn(redisAsyncContext *ac, void *reply);
See #825
2020-06-18 | timeout option in redisConnectWithOptions should be on connect only (#829) | valentinogeron
When connecting with a timeout, we shouldn't also call `redisSetTimeout` which will implement a timeout for commands. See related issue #722
2020-06-07 | sdsrange overflow fix (#830) | Michael Grunder
Fix overflow bug in `sdsrange`
2020-05-22 | Allow users to replace allocator and handle OOM everywhere. (#800) | Michael Grunder
* Adds an indirection to every allocation/deallocation to allow users to plug in ones of their choosing (use custom functions, jemalloc, etc).
* Gracefully handle OOM everywhere in hiredis. This should make it possible for users of the library to have more flexibility in how they handle such situations.
* Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent a possible overflow when transferring the task elements into a `redisReply`.
* Adds a configurable `max elements` member to `redisReader` that defaults to 2^32 - 1. This can be set to "unlimited" by setting the value to zero.
2020-05-21 | Add logic to handle RESP3 push messages (#819) | Michael Grunder
Fixes #815
2020-05-19 | Resp3 verbatim string support (#805) | Michael Grunder
Pull RESP3 verbatim string handling from Redis
Fixes #802
2019-12-12 | Free the reply in redisGetReply when passed NULL | michael-grunder
We currently perform a NULL check in redisGetReply and don't push the reply back to the caller, but we don't free any reply meaning that this will leak memory:
    redisGetReply(context, NULL);
This change simply frees the reply if we were passed NULL.
Addresses #740
2019-09-16 | Fix: redisReconnect() should clear SSL context. | Yossi Gottlieb
We should not attempt to keep the context and re-establish the TLS connection for several reasons:
1. Maintain symmetry between redisConnect() and redisReconnect(), so in both cases an extra step is required to initiate SSL.
2. The caller may also wish to reconfigure the SSL session and needs a chance to do that.
3. It is not a practical thing to do on an async non-blocking connection context.
2019-08-29 | wip: SSL code reorganization, see #705. | Yossi Gottlieb
2019-08-27 | Merge pull request #697 from yossigo/resp3 | Mark Nunberg
Port RESP3 support from Redis.
2019-08-09 | Merge branch 'master' into createArray-size_t | Mark Nunberg
2019-08-04 | RESP3 support changes from Redis. | Yossi Gottlieb
This corresponds to commits d5c54f0b..bea09a7f in the redis repository.
2019-04-10 | ensure that blocking timeout is set | Mark Nunberg
2019-04-01 | Port network layer to Winsock | m
With this change, Hiredis builds with MinGW and runs on Windows.
2019-04-01 | Introduce a redisFD type | m
The redisFD type should be equal to the system native socket file descriptor type (for POSIX, this is a plain int). We also introduce the REDIS_INVALID_FD value, which maps to -1 on POSIX systems.
2019-04-01 | Move network I/O calls to net.c | m
This makes hiredis.c free from system calls related to socket I/O. This also makes the treatment of raw socket connections more similar to the SSL backend.
2019-02-21 | Allow option for async connections to not automatically free | Mark Nunberg
2019-02-20 | fixed wrong memset args | Mark Nunberg
2019-02-20 | scrub redisContext before freeing | Mark Nunberg
This helps us detect use-after-free
2019-02-20 | Fix memory leaks | valentino
2019-02-20 | Support SNI | valentino
2019-02-20 | minor fixes: initialize options struct with 0 always | Mark Nunberg
also, clean up redisContextInit -- we're just zeroing the struct
2019-02-20 | Provide option-struct initialization | Mark Nunberg
This reduces the boilerplate of all the redisConnectXXX functions, and allows us to provide more connection options in the future.
2019-02-20 | Initial SSL (sync) implementation | Mark Nunberg
2018-10-24 | Fix redisBufferRead documentation | Stefan Hacker
Referred to redisContextReadReply which I cannot find in this codebase nor the old redis-tools one. Presumably this meant to say redisGetReplyFromReader which is how redisBufferRead is used in this file. Could've also meant the interface function redisReaderGetReply.
2018-09-25 | Call connect(2) again for non-blocking connect | Mark Nunberg
This retrieves the actual error which occurred, as getsockopt is not always reliable in this regard.
2018-05-21 | Update createArray to take size_t | Justin Brewer
This makes createArray consistent with createString, which also takes size_t. Bounds-check and unit tests are updated to allow up to min(SIZE_MAX,LLONG_MAX). Changelog is updated to mention this API break.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
2018-04-30 | Remove redundant NULL checks | Justin Brewer
free(NULL) is a valid NOP. Most of the hiredis free functions behave the same way. redisReaderFree is updated to also be NULL-safe. There is one redundant NULL check at sds.c:1036, but it's left as is since sds is imported from upstream.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
2018-04-30 | Remove redundant zero stores | Justin Brewer
calloc is guaranteed to provide a zero-initialized buffer. There is no need to set fields to zero explicitly.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>