| Age | Commit message (Collapse) | Author |
|---|
|
A command with a faulty formatting string that lacks the
conversion specifier results in a ASAN heap-buffer-overflow.
This was due to that strchr() matches on null-termination,
which triggers a continuation of the string parsing.
|
|
See: #916
|
|
|
|
|
|
Illumos test fixes, error message difference fot bad hostname test.
|
|
In f69fac7690fb22a7fc19dba61ef70e5f79ccb2e9, our async onConnect
callback was improved to take a non-const redisAsyncContext allowing it
to be reentrant.
Unfortunately, this is a breaking change we can't make until hiredis
v2.0.0.
This commit creates a separate callback member and corresponding
function that allows us to use the new functionality, while maintaining
our existing API for legacy code.
Fixes #1086
|
|
Since the callback is now re-entrant, it can call apis such as redisAsyncDisconnect()
|
|
|
|
|
|
|
|
|
|
Redis responds to an unsubscribe with one or many replies, depending
on the current subscribe state. When channels/patterns names are
provided in a command each given name will trigger a reply even if
duplicated or not subscribed to.
To know when we can return from the subscribed state we need to do
bookkeeping on pending additional unsubscribe replies, and make sure
we receive them all before switching state.
|
|
|
|
* No reuse of the previous reply callback
When multiple replies are parsed from a socket in one read
a previously found callback might get reused when the current
reply has no known callback.
This can be triggered by the added testcase which unsubscribe to
subscribed (A,B) and a non-subscribed channel (X).
Without this correction a callback for wrong channel is called.
- In 'unsubscribe B X A', B's callback is called when handling X.
- Now this is not done, i.e. there is no callback called for X.
* Re-push monitor callback for each reply
MONITORING used the same callback for all replies while parsing
multiple responses. This handling was changed to avoid calling
the wrong callback in some scenarios.
Now also change monitorings repush to work with this change.
Includes an added async monitoring testcase.
|
|
* Add test of async commands after unsubscribe
Verify that commands are handled after unsubscribing from a channel.
A command is sent before the `unsubscribe` response is received,
which currently triggers an assert in async.c:567:
`redisProcessCallbacks: Assertion `(c->flags & REDIS_SUBSCRIBED || c->flags & REDIS_MONITORING)' failed.`
* Handle async commands after an unsubscribe
When unsubscribing from the last channel we move from the `subscribe`
state to a normal state. These states uses different holders for the
command callback information.
By moving the callback info during the state change the callback order
can be maintained.
|
|
* Add test of command timeout during pubsub
A timeout of a non-subscribe command will be ignored during pubsub.
It will be handled as an idle timeout and a response is awaited for.
* Correction for command timeout during pubsub
Disconnect when a sent non-subscribe command triggers a timeout.
|
|
RESP3 allows sending commands in parallell with pubsub handling
and these commands might get responded with a REDIS_REPLY_ARRAY.
This conflicts with the pubsub response handling for RESP2 and
results in a faulty state when using RESP3.
Add functionality to keep track of PUSH/RESP3 support on the connection
and only expect the message type REDIS_REPLY_PUSH as subscribe messages
when once seen.
|
|
* Handle PING during pubsub in RESP2
* Rename invalid callback list
Some commands are valid to send during a subscribe in RESP2, and
most in RESP3. Renaming the callback list from `invalid` to `replies`
to detail this fact.
* Fix review comment
|
|
* Include `unsubscribe` as a subscribe reply in RESP3
By providing the (p)unsubscribe message via the subscribe callback,
instead of via the push callback, we get the same behavior in RESP3
as in RESP2.
* Add asynchronous test for pubsub using RESP3
The testcase will subscribe to a channel, and via a second client
a message is published to the channel. After receiving the message
the testcase will unsubscribe and disconnect.
This RESP3 testcase reuses the subscribe callback from the RESP2
testcase to make sure we have a common behavior.
|
|
|
|
The testcase will subscribe to a channel, and via a second client
a message is published to the channel. After receiving the message
the testcase will unsubscribe and disconnect.
|
|
|
|
Since `hi_calloc` always passes through one of our wrapper functions,
we can perform this overflow in the wrapper, and get protection
everywhere.
Previous commit: 76a7b10005c70babee357a7d0f2becf28ec7ed1e
Related vuln ID: CVE-2021-32765
[Full Details](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2)
|
|
Merge the v1.0.1 release branch and bump the dev version to 1.0.2-dev
|
|
This fix prevents hiredis from trying to allocate more than `SIZE_MAX`
bytes, which would result in a buffer overrun.
[Full Details](https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2)
|
|
|
|
This ensures that malformed RESP3 double messages that include an
invalid null byte are not parsed as valid.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When CLIENT TRACKING is enabled, Redis will send an invalidation message
with a NIL payload to all tracking clients after a FLUSHDB is executed.
We didn't account for REDIS_REPLY_PUSH being a valid parent object to a
NIL payload, and were failing an assertion.
Additionally this commit adds a regression test for the logic.
|
|
We need to allow our users to use redisContext->privdata as context
for any RESP3 PUSH messages, which means we can't use it for managing
SSL connections.
Bulletpoints:
* Create a secondary redisContext member for internal use only called
privctx and rename the redisContextFuncs->free_privdata accordingly.
* Adds a `free_privdata` function pointer so the user can tie allocated
memory to the lifetime of a redisContext (like they can already do
with redisAsyncContext)
* Enables SSL tests in .travis.yml
|
|
Proper support for RESP3 PUSH messages.
By default, PUSH messages are now intercepted and the reply memory freed.
This means existing code should work unchanged when connecting to Redis
>= 6.0.0 even if `CLIENT TRACKING` were then enabled.
Additionally, we define two callbacks users can configure if they wish to handle
these messages in a custom way:
void redisPushFn(void *privdata, void *reply);
void redisAsyncPushFn(redisAsyncContext *ac, void *reply);
See #825
|
|
|
|
|
|
Using `strdup` as a struct member causes issues in older gcc
|
|
|
|
* Adds an indirection to every allocation/deallocation to allow users to
plug in ones of their choosing (use custom functions, jemalloc, etc).
* Gracefully handle OOM everywhere in hiredis. This should make it possible
for users of the library to have more flexibility in how they handle such situations.
* Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent
a possible overflow when transferring the task elements into a `redisReply`.
* Adds a configurable `max elements` member to `redisReader` that defaults to
2^32 - 1. This can be set to "unlimited" by setting the value to zero.
|
|
Fixes #815
|
|
Pull RESP3 verbatim string handling from Redis
Fixes #802
|
|
* Remove nested depth limitation.
This commit removes the nested multi-bulk depth limitation of 7.
We do this by switching to pointer to pointer indirection and
growing the stack in chunks when needed.
See: #794, #421
|
|
Unit tests in Windows and a Windows timeout fix
This commit gets our unit tests compiling and running on Windows as well as removes a duplicated `timeval` -> `DWORD` conversion logic in sockcompat.c
There are minor differences in behavior between Linux and Windows to note:
1. In Windows, opening a non-existent hangs forever in WSAPoll whereas
it correctly returns with a "Connection refused" error on Linux.
For that reason, I simply skip this test in Windows.
It may be related to this known issue:
https://daniel.haxx.se/blog/2012/10/10/wsapoll-is-broken/
2. Timeouts are handled slightly differently in Windows and Linux.
In Linux, we intentionally set REDIS_ERR_IO for connection
timeouts whereas in Windows we set REDIS_ERR_TIMEOUT. It may be
prudent to fix this discrepancy although there are almost certainly
users relying on the current behavior.
|
|
We currently perform a NULL check in redisGetReply and don't push the
reply back to the caller, but we don't free any reply meaning that this
will leak memory:
redisGetReply(context, NULL);
This change simply frees the reply if we were passed NULL.
Addresses #740
|
|
redisFormatSdsCommandArgv takes an sds* and calls sdsempty() for us.
Addresses #714
|
|
This repeats all existing tests in SSL mode, but does not yet provide
SSL-specific tests.
|
|
|
