Add checks for overflow in redis-check-aof and loadAppendOnlyFile (#9669)

Co-authored-by: guoyiyuan <guoyiyuan@sbrella.com>
author: yiyuaner <yguoaz@gmail.com> 2021-11-02 23:03:07 +0800
committer: GitHub <noreply@github.com> 2021-11-02 17:03:07 +0200
commit: 78025c4a26a048ed7770060c8d90cfc81edf46e8 (patch)
tree: 93b48dd762268a79c5b673b7e0eede52c33dd59e /src/redis-check-aof.c
parent: 87321deb3f5ae4319d20833eb91bde667fbd0b1c (diff)
download: redis-78025c4a26a048ed7770060c8d90cfc81edf46e8.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/redis-check-aof.c b/src/redis-check-aof.c
index 8cbe84896..01f42ec1b 100644
--- a/src/redis-check-aof.c
+++ b/src/redis-check-aof.c
@@ -124,6 +124,11 @@ int readString(FILE *fp, char** target) {
         return 0;
     }
 
+    if (len < 0 || len > LONG_MAX - 2) {
+        ERROR("Expected to read string of %ld bytes, which is not in the suitable range",len);
+        return 0;
+    }
+
     /* Increase length to also consume \r\n */
     len += 2;
     *target = (char*)zmalloc(len);
author	yiyuaner <yguoaz@gmail.com>	2021-11-02 23:03:07 +0800
committer	GitHub <noreply@github.com>	2021-11-02 17:03:07 +0200
commit	78025c4a26a048ed7770060c8d90cfc81edf46e8 (patch)
tree	93b48dd762268a79c5b673b7e0eede52c33dd59e /src/redis-check-aof.c
parent	87321deb3f5ae4319d20833eb91bde667fbd0b1c (diff)
download	redis-78025c4a26a048ed7770060c8d90cfc81edf46e8.tar.gz