From: Vsevolod Stakhov Date: Mon, 12 Jun 2017 09:42:44 +0000 (+0100) Subject: [Minor] Fix another hiredis issue with uninitialized access X-Git-Tag: 1.6.0~12 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=13659ea7caeb1410022035e34fdd8023359c3e54;p=rspamd.git [Minor] Fix another hiredis issue with uninitialized access --- diff --git a/contrib/hiredis/async.c b/contrib/hiredis/async.c index 342b4838a..a508036e6 100644 --- a/contrib/hiredis/async.c +++ b/contrib/hiredis/async.c @@ -608,7 +608,7 @@ static int __redisAsyncCommand(redisAsyncContext *ac, redisCallbackFn *fn, void cstr += pvariant; clen -= pvariant; - if (hasnext && strncasecmp(cstr,"subscribe\r\n",11) == 0) { + if (hasnext && clen >= 11 && strncasecmp(cstr,"subscribe\r\n",11) == 0) { c->flags |= REDIS_SUBSCRIBED; /* Add every channel/pattern to the list of subscription callbacks. */ @@ -621,7 +621,7 @@ static int __redisAsyncCommand(redisAsyncContext *ac, redisCallbackFn *fn, void if (ret == 0) sdsfree(sname); } - } else if (strncasecmp(cstr,"unsubscribe\r\n",13) == 0) { + } else if (clen >= 13 && strncasecmp(cstr,"unsubscribe\r\n",13) == 0) { /* It is only useful to call (P)UNSUBSCRIBE when the context is * subscribed to one or more channels or patterns. */ if (!(c->flags & REDIS_SUBSCRIBED)) return REDIS_ERR; @@ -629,7 +629,7 @@ static int __redisAsyncCommand(redisAsyncContext *ac, redisCallbackFn *fn, void /* (P)UNSUBSCRIBE does not have its own response: every channel or * pattern that is unsubscribed will receive a message. This means we * should not append a callback function for this command. */ - } else if(strncasecmp(cstr,"monitor\r\n",9) == 0) { + } else if(clen >= 9 && strncasecmp(cstr,"monitor\r\n",9) == 0) { /* Set monitor flag and push callback */ c->flags |= REDIS_MONITORING; __redisPushCallback(&ac->replies,&cb);