Static analyzer's can't tell that hi_calloc is calloc-like, and report a
potential null pointer dereference. This isn't possible but it's
probably smarter to make the test anyway in the event code changes.
* Adds an indirection to every allocation/deallocation to allow users to
plug in ones of their choosing (use custom functions, jemalloc, etc).
* Gracefully handle OOM everywhere in hiredis. This should make it possible
for users of the library to have more flexibility in how they handle such situations.
* Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent
a possible overflow when transferring the task elements into a `redisReply`.
* Adds a configurable `max elements` member to `redisReader` that defaults to
2^32 - 1. This can be set to "unlimited" by setting the value to zero.
* Remove nested depth limitation.
This commit removes the nested multi-bulk depth limitation of 7.
We do this by switching to pointer to pointer indirection and
growing the stack in chunks when needed.
See: #794, #421
This makes createArray consistent with createString, which also takes
size_t. Bounds-check and unit tests are updated to allow up to
min(SIZE_MAX,LLONG_MAX).
Changelog is updated to mention this API break.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
This commit pulls string2ll from Redis (with permission from Antirez)
as strtoll is 2-3x slower and even worse vs the original version in
hiredis that didn't check for overflow at all.
By using string2ll there is almost no measurable performance impact
of overflow detection even in integer parsing heavy workloads (e.g.
INCRBY commands).
processMultiBulkItem truncates the value read from readLongLong,
resulting in a corrupted state when the next item is read.
createArray takes an int, so bound to INT_MAX.
Inspection showed that processBulkItem had the same truncation issue.
createString takes size_t, so bound to SIZE_MAX. This only has an
effect on 32-bit platforms.
A strict lower bound is also added, since negative lengths other
than -1 are invalid according to RESP.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
free(NULL) is a valid NOP. Most of the hiredis free functions behave the
same way. redisReaderFree is updated to also be NULL-safe.
There is one redundant NULL check at sds.c:1036, but it's left as is
since sds is imported from upstream.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
calloc is guaranteed to provide a zero-initialized buffer. There is
no need to set fields to zero explicitly.
Signed-off-by: Justin Brewer <jzb0012@auburn.edu>
michael-grunder
ShooterIT
Yossi Gottlieb
Mark Nunberg
qi.yang
Tom Lee
Justin Brewer
cdliuqiang@gmail.com
DongwenHuang
tzickel