Age | Commit message (Collapse) | Author |
|
|
|
|
|
This ensures that malformed RESP3 double messages that include an
invalid null byte are not parsed as valid.
|
|
|
|
RESP3 bools should be only one of "#t\r\n" or "#f\r\n". We also allow
capital 'T' and 'F' to be lenient.
|
|
RESP3 nil should consist of "_\r\n" and nothing else.
|
|
The ',' protocol byte gets removed in processItem(), so it should not
be compared against in processLineItem().
strtod() allows multiple representations of infinity and NaN that are
not RESP3 compliant. Since we explicitly check for the two compliant
infinity cases, strtod() should only return finite values.
|
|
Static analyzer's can't tell that hi_calloc is calloc-like, and report a
potential null pointer dereference. This isn't possible but it's
probably smarter to make the test anyway in the event code changes.
|
|
Fix overflow bug in `sdsrange`
|
|
* Adds an indirection to every allocation/deallocation to allow users to
plug in ones of their choosing (use custom functions, jemalloc, etc).
* Gracefully handle OOM everywhere in hiredis. This should make it possible
for users of the library to have more flexibility in how they handle such situations.
* Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent
a possible overflow when transferring the task elements into a `redisReply`.
* Adds a configurable `max elements` member to `redisReader` that defaults to
2^32 - 1. This can be set to "unlimited" by setting the value to zero.
|
|
Fixes #815
|
|
Pull RESP3 verbatim string handling from Redis
Fixes #802
|
|
* Remove nested depth limitation.
This commit removes the nested multi-bulk depth limitation of 7.
We do this by switching to pointer to pointer indirection and
growing the stack in chunks when needed.
See: #794, #421
|
|
|
|
|
|
Port RESP3 support from Redis.
|
|
|
|
This corresponds to commits d5c54f0b..bea09a7f in the redis repository.
|
|
|
|
|
|
See discussion on #609. This should also make it easier for redis to
update the vendored/bundled hiredis (though not by much).
|
|
This makes createArray consistent with createString, which also takes
size_t. Bounds-check and unit tests are updated to allow up to
min(SIZE_MAX,LLONG_MAX).
Changelog is updated to mention this API break.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
This commit pulls string2ll from Redis (with permission from Antirez)
as strtoll is 2-3x slower and even worse vs the original version in
hiredis that didn't check for overflow at all.
By using string2ll there is almost no measurable performance impact
of overflow detection even in integer parsing heavy workloads (e.g.
INCRBY commands).
|
|
processMultiBulkItem truncates the value read from readLongLong,
resulting in a corrupted state when the next item is read.
createArray takes an int, so bound to INT_MAX.
Inspection showed that processBulkItem had the same truncation issue.
createString takes size_t, so bound to SIZE_MAX. This only has an
effect on 32-bit platforms.
A strict lower bound is also added, since negative lengths other
than -1 are invalid according to RESP.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
Badly formatted or out-of-range integers are now protocol errors.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
free(NULL) is a valid NOP. Most of the hiredis free functions behave the
same way. redisReaderFree is updated to also be NULL-safe.
There is one redundant NULL check at sds.c:1036, but it's left as is
since sds is imported from upstream.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
calloc is guaranteed to provide a zero-initialized buffer. There is
no need to set fields to zero explicitly.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
|
|
|
|
static char *seekNewline(char *s, size_t len) :
this function can not parse the string,such as "hello world\r". the case that the last char is '\r'.
|
|
For hiredis-py and others support on windows.
|
|
Makes hiredis reading functions easier to include in external projects
[fixed all merge conflicts against current version]
Closes #249
|