summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Ziplist: insertion bug under particular conditions fixed.3.0antirez2017-02-011-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ziplists had a bug that was discovered while investigating a different issue, resulting in a corrupted ziplist representation, and a likely segmentation foult and/or data corruption of the last element of the ziplist, once the ziplist is accessed again. The bug happens when a specific set of insertions / deletions is performed so that an entry is encoded to have a "prevlen" field (the length of the previous entry) of 5 bytes but with a count that could be encoded in a "prevlen" field of a since byte. This could happen when the "cascading update" process called by ziplistInsert()/ziplistDelete() in certain contitious forces the prevlen to be bigger than necessary in order to avoid too much data moving around. Once such an entry is generated, inserting a very small entry immediately before it will result in a resizing of the ziplist for a count smaller than the current ziplist length (which is a violation, inserting code expects the ziplist to get bigger actually). So an FF byte is inserted in a misplaced position. Moreover a realloc() is performed with a count smaller than the ziplist current length so the final bytes could be trashed as well. SECURITY IMPLICATIONS: Currently it looks like an attacker can only crash a Redis server by providing specifically choosen commands. However a FF byte is written and there are other memory operations that depend on a wrong count, so even if it is not immediately apparent how to mount an attack in order to execute code remotely, it is not impossible at all that this could be done. Attacks always get better... and we did not spent enough time in order to think how to exploit this issue, but security researchers or malicious attackers could.
* Cluster: handle zero bytes at the end of nodes.conf.antirez2016-12-061-1/+1
|
* Merge pull request #3300 from andyli029/patch-3Salvatore Sanfilippo2016-06-101-1/+1
|\ | | | | fix comment "b > a" to "a > b"
| * fix comment "b>a" to "a > b"andyli2016-06-071-1/+1
|/
* Removed dofile() from LuaAdam Baldwin2016-05-081-0/+2
|
* Fix nanosecond conversionJan-Erik Rediger2016-05-051-1/+1
| | | | | | 1 microsecond = 1000 nanoseconds 1e3 = 1000 10e3 = 10000
* additional fix to issue #2948Oran Agra2016-05-051-0/+3
|
* New masters with slots are now targets of migration if others are.antirez2016-05-051-1/+35
| | | | | | | | | | | | | | | | This fixes issue #3043. Before this fix, after a complete resharding of a master slots to other nodes, the master remains empty and the slaves migrate away to other masters with non-zero nodes. However the old master now empty, is no longer considered a target for migration, because the system has no way to tell it had slaves in the past. This fix leaves the algorithm used in the past untouched, but adds a new rule. When a new or old master which is empty and without slaves, are assigend with their first slot, if other masters in the cluster have slaves, they are automatically considered to be targets for replicas migration.
* Minor redis-cli wording change in --help output.antirez2016-05-051-1/+2
|
* redis-cli: don't free historyfile, is used later.antirez2016-05-051-0/+1
|
* Cluster: make getNodeByQuery() responsible of -CLUSTERDOWN errors.antirez2016-05-052-18/+21
| | | | | | | | This fixes a bug introduced by d827dbf, and makes the code consistent with the logic of always allowing, while the cluster is down, commands that don't target any key. As a side effect the code is also simpler now.
* Reverse redirect address parseDavid Cavar2016-05-051-1/+1
| | | Fix issue in case the redirect address is in ipv6 format. Parse from behind to extract last part of the response which represents actual port.
* Bind both IPv4 and IPv6 or exit with an error by default.antirez2016-05-051-8/+10
| | | | | | | | Thanks to @tushar2708 for the PR. I applied a slightly different fix. Thanks to @cespare for reporting. Close #3024 Close #3020
* Merge pull request #3133 from c2nes/check-slots-execSalvatore Sanfilippo2016-05-051-2/+7
|\ | | | | Ensure slots are rechecked on EXEC.
| * Ensure slots are rechecked on EXEC.Chris Thunes2016-03-111-2/+7
| | | | | | | | Fixes #2515.
* | fix variableRyosuke Hasebe2016-05-051-5/+5
| |
* | fix check_open_slotsRyosuke Hasebe2016-05-051-1/+2
|/
* Remove Lua state reference from buffers in lua_cmsgpack.antirez2016-02-101-28/+25
|
* cmsgpack: pass correct osize values to lua allocator, update correct buf ↵yoav@monfort.co.il2016-02-101-4/+4
| | | | free space in cmsgpack
* Fix NOTIFY macro names after cherry pick of fix.antirez2016-02-051-2/+2
|
* Adds keyspace notifications for lremItamar Haber2016-02-051-2/+10
|
* Merge branch '3.0' of github.com:/antirez/redis into 3.0antirez2016-01-311-5/+0
|\
| * Merge pull request #3048 from itamarhaber/patch-4Salvatore Sanfilippo2016-01-311-5/+0
| |\ | | | | | | Removes more spuriousness from 3.0.7
| | * Removes more spuriousness from 3.0.7Itamar Haber2016-01-301-5/+0
| |/
* | Fix wrong macro name after merge of 3.2 code. (again).antirez2016-01-311-1/+1
|/
* Fix wrong macro name after merge of 3.2 code.antirez2016-01-291-1/+1
|
* Typo ASII -> ASCII fixed in comment.antirez2016-01-291-1/+1
|
* Cluster: include node IDs in SLOTS output.antirez2016-01-291-2/+6
| | | | | | | | CLUSTER SLOTS now includes IDs in the nodes description associated with a given slot range. Certain client libraries implementations need a way to reference a node in an unique way, so they were relying on CLUSTER NODES, that is not a stable API and may change frequently depending on Redis Cluster future requirements.
* Remove spurious entries in 3.0.7 changelog.antirez2016-01-291-7/+0
| | | | Certain things were only applicable to 3.2.0 RC2 and RC3.
* UPDATE: Redis 3.0.7.antirez2016-01-281-1/+7
| | | | We had to fix a few last minutes bugs.
* Use a smoother running average for avg_ttl in INFO.antirez2016-01-261-5/+9
| | | | | Reported here: https://www.reddit.com/r/redis/comments/42r0i0/avg_ttl_varies_a_lot/
* Fix merge conflicts from 3.2.antirez2016-01-261-3/+3
|
* Cluster: mismatch sender ID log put back at DEBUG level.antirez2016-01-261-13/+5
|
* Cluster: fix missing ntohs() call to access gossip section port.antirez2016-01-261-1/+1
|
* Better address udpate strategy when processing gossip sections.antirez2016-01-261-3/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | The change covers the case where: 1. There is a node we can't reach (in fail or pfail state). 2. We see a different address for this node, in the gossip section sent to us by a node that, instead, is able to talk with the node we cannot talk to. In this case it's a good bet to switch to the address reported by this node, since there was an address switch and it is able to talk with the node and we are not. However previosuly this was done in a dangerous way, by initiating an handshake. The handshake, using the MEET packet, forces the receiver to join our cluster, and this is not a good idea. If the node in question really just switched address, but is the same node, it already knows about us, so we just need to perform an address update and a reconnection. So with this commit instead we just update the address of the node, release the node link if any, and attempt to reconnect in the next clusterCron() cycle. The commit also improves debugging messages printed by Cluster during address or ID switches.
* Fix memory leak in masterauth config option loading.antirez2016-01-261-0/+1
|
* Fix merge issues with 3.2 backports.3.0.7antirez2016-01-251-2/+2
|
* Redis 3.0.7.antirez2016-01-252-1/+40
|
* Minor MIGRATE refactoring.antirez2016-01-251-5/+12
| | | | | | | Centralize cleanup of newargv in a single place. Add more comments to help a bit following a complex function. Related to issue #3016.
* More variadic MIGRATE fixes.antirez2016-01-251-8/+9
| | | | | | | | | | | Another leak was fixed in the case of syntax error by restructuring the allocation strategy for the two dynamic vectors. We also make sure to always close the cached socket on I/O errors so that all the I/O errors are handled the same, even if we had a previously queued error of a different kind from the destination server. Thanks to Kevin McGehee. Related to issue #3016.
* Various fixes to MIGRATE with multiple keys.antirez2016-01-251-12/+45
| | | | | | | In issue #3016 Kevin McGehee identified multiple very serious issues in the new implementation of MIGRATE. This commit attempts to restructure the code in oder to avoid mistakes, an analysis of the new implementation is in progress in order to check for possible edge cases.
* Test: Handle LOADING in restart_instance.antirez2016-01-251-0/+12
|
* Detect and show crashes on Sentinel/Cluster tests.antirez2016-01-251-0/+18
|
* Cluster: fix setting nodes slaveof pointer to NULL on node release.antirez2016-01-251-14/+3
| | | | | | | | | | | | | | With this commit we preserve the list of nodes that have .slaveof set to the node, even when the node is turned into a slave, and make sure to fix the .slaveof pointers to NULL when a node is freed from memory, regardless of the fact it's a slave or a master. Basically we try to remember the logical master in the current configuration even if the logical master advertised it as a slave already. However we still remember the associations, so that when a node is freed we can fix them. This should fix issue #3002.
* Cluster: clarify node->slave may be NULL.antirez2016-01-251-1/+4
|
* Cluster: fix rebalancing to always empty nodes.antirez2016-01-251-3/+24
| | | | | | | Because of rounding error even with weight=0 sometimes a node was left with an assigned slot. Close #3001.
* Cluster: redis-trib move_to_slot: don't send SETSLOT to slaves.antirez2016-01-251-0/+1
|
* Cluster: fix redis-trib reference of variable in warning.antirez2016-01-251-1/+1
|
* CLUSTER BUMPEPOCH initial implementation fixed.antirez2016-01-252-14/+25
|
* Cluster: implement redis-trib fix when slot is open without owners.antirez2016-01-251-9/+39
| | | | Still work to do.
View Lorry Controller Status