diff options
author | Wen Hui <wen.hui.ware@gmail.com> | 2023-04-02 12:19:44 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-02 19:19:44 +0300 |
commit | a4a0eab52b351b5f152071dda2a993d90f99d64b (patch) | |
tree | a3c49edecb6d41ef7222ec4d4bf35bd4adbf1538 /src | |
parent | f38aa6bfb7a1bc7a3c5b18fadc513da1152bc7b5 (diff) | |
download | redis-a4a0eab52b351b5f152071dda2a993d90f99d64b.tar.gz |
redis-cli - handle sensitive command redaction for variadic CONFIG SET (#11975)
In the Redis 7.0 and newer version,
config set command support multiply `<parameter> <value>` pairs, thus the previous
sensitive command condition does not apply anymore
For example:
The command:
**config set maxmemory 1GB masteruser aa** will be written to redis_cli historyfile
In this PR, we update the condition for these sensitive commands
config set masteruser <username>
config set masterauth <master-password>
config set requirepass foobared
Diffstat (limited to 'src')
-rw-r--r-- | src/redis-cli.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/redis-cli.c b/src/redis-cli.c index d92fcb01a..2bb2d6e67 100644 --- a/src/redis-cli.c +++ b/src/redis-cli.c @@ -3261,12 +3261,15 @@ static int isSensitiveCommand(int argc, char **argv) { return 1; } else if (argc > 2 && !strcasecmp(argv[0],"config") && - !strcasecmp(argv[1],"set") && ( - !strcasecmp(argv[2],"masterauth") || - !strcasecmp(argv[2],"masteruser") || - !strcasecmp(argv[2],"requirepass"))) - { - return 1; + !strcasecmp(argv[1],"set")) { + for (int j = 2; j < argc; j = j+2) { + if (!strcasecmp(argv[j],"masterauth") || + !strcasecmp(argv[j],"masteruser") || + !strcasecmp(argv[j],"requirepass")) { + return 1; + } + } + return 0; /* HELLO [protover [AUTH username password] [SETNAME clientname]] */ } else if (argc > 4 && !strcasecmp(argv[0],"hello")) { for (int j = 2; j < argc; j++) { |