Prevent clients from making too large multibulk requests

This commit is contained in:
Pieter Noordhuis 2010-10-15 19:15:38 +02:00
parent ea5b70924d
commit b19c33d48a
2 changed files with 11 additions and 0 deletions

View File

@ -724,6 +724,10 @@ int processMultibulkBuffer(redisClient *c) {
if (c->multibulklen <= 0) {
c->querybuf = sdsrange(c->querybuf,pos,-1);
return REDIS_OK;
} else if (c->multibulklen > 1024*1024) {
addReplyError(c,"Protocol error: invalid multibulk length");
setProtocolError(c,pos);
return REDIS_ERR;
}
/* Setup argv array on client structure */

View File

@ -13,6 +13,13 @@ start_server {tags {"protocol"}} {
assert_equal PONG [r ping]
}
test "Out of range multibulk length" {
reconnect
r write "*20000000\r\n"
r flush
assert_error "*invalid multibulk length*" {r read}
}
test "Wrong multibulk payload header" {
reconnect
r write "*3\r\n\$3\r\nSET\r\n\$1\r\nx\r\nfooz\r\n"