From 48e0d4788434833b47892fe9f3d91be7687f25c9 Mon Sep 17 00:00:00 2001
From: Oran Agra <oran@redislabs.com>
Date: Mon, 20 Mar 2023 18:50:44 +0200
Subject: Avoid assertion when MSETNX is used with the same key twice
 (CVE-2023-28425) (#11940)

Using the same key twice in MSETNX command would trigger an assertion.

This reverts #11594 (introduced in Redis 7.0.8)
---
 tests/unit/type/string.tcl | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'tests')

diff --git a/tests/unit/type/string.tcl b/tests/unit/type/string.tcl
index a9fa894dc..b25a14f4c 100644
--- a/tests/unit/type/string.tcl
+++ b/tests/unit/type/string.tcl
@@ -234,6 +234,15 @@ start_server {tags {"string"}} {
         list [r msetnx x1{t} xxx y2{t} yyy] [r get x1{t}] [r get y2{t}]
     } {1 xxx yyy}
 
+    test {MSETNX with not existing keys - same key twice} {
+        r del x1{t}
+        list [r msetnx x1{t} xxx x1{t} yyy] [r get x1{t}]
+    } {1 yyy}
+
+    test {MSETNX with already existing keys - same key twice} {
+        list [r msetnx x1{t} xxx x1{t} zzz] [r get x1{t}]
+    } {0 yyy}
+
     test "STRLEN against non-existing key" {
         assert_equal 0 [r strlen notakey]
     }
-- 
cgit v1.2.1