mirror of
https://github.com/fluencelabs/redis
synced 2025-03-17 16:10:50 +00:00
Prevent clients from making too large multibulk requests
This commit is contained in:
parent
ea5b70924d
commit
b19c33d48a
@ -724,6 +724,10 @@ int processMultibulkBuffer(redisClient *c) {
|
||||
if (c->multibulklen <= 0) {
|
||||
c->querybuf = sdsrange(c->querybuf,pos,-1);
|
||||
return REDIS_OK;
|
||||
} else if (c->multibulklen > 1024*1024) {
|
||||
addReplyError(c,"Protocol error: invalid multibulk length");
|
||||
setProtocolError(c,pos);
|
||||
return REDIS_ERR;
|
||||
}
|
||||
|
||||
/* Setup argv array on client structure */
|
||||
|
@ -13,6 +13,13 @@ start_server {tags {"protocol"}} {
|
||||
assert_equal PONG [r ping]
|
||||
}
|
||||
|
||||
test "Out of range multibulk length" {
|
||||
reconnect
|
||||
r write "*20000000\r\n"
|
||||
r flush
|
||||
assert_error "*invalid multibulk length*" {r read}
|
||||
}
|
||||
|
||||
test "Wrong multibulk payload header" {
|
||||
reconnect
|
||||
r write "*3\r\n\$3\r\nSET\r\n\$1\r\nx\r\nfooz\r\n"
|
||||
|
Loading…
x
Reference in New Issue
Block a user