hiredis/fix-heap-buffer-overflow-in-redisvFormatCommand.patch

From 78a8af37c6fc43e5fe4487a7a0762c9473444e37 Mon Sep 17 00:00:00 2001
From: lingsheng <lingsheng@huawei.com>
Date: Fri, 4 Jun 2021 11:05:20 +0800
Subject: [PATCH] fix heap buffer overflow in redisvFormatCommand

---
 hiredis.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hiredis.c b/hiredis.c
index 73d0251..af3a079 100644
--- a/hiredis.c
+++ b/hiredis.c
@@ -375,6 +375,9 @@ int redisvFormatCommand(char **target, const char *format, va_list ap) {
 
             touched = 1;
             c++;
+            if (*c == '\0') {
+                goto format_err;
+            }
         }
         c++;
     }
-- 
2.23.0
fix heap buffer overflow in redisvFormatCommand 2021-06-04 11:18:47 +08:00			`From 78a8af37c6fc43e5fe4487a7a0762c9473444e37 Mon Sep 17 00:00:00 2001`
			`From: lingsheng <lingsheng@huawei.com>`
			`Date: Fri, 4 Jun 2021 11:05:20 +0800`
			`Subject: [PATCH] fix heap buffer overflow in redisvFormatCommand`

			`---`
			`hiredis.c \| 3 +++`
			`1 file changed, 3 insertions(+)`

			`diff --git a/hiredis.c b/hiredis.c`
			`index 73d0251..af3a079 100644`
			`--- a/hiredis.c`
			`+++ b/hiredis.c`
			`@@ -375,6 +375,9 @@ int redisvFormatCommand(char *target, const char format, va_list ap) {`

			`touched = 1;`
			`c++;`
			`+ if (*c == '\0') {`
			`+ goto format_err;`
			`+ }`
			`}`
			`c++;`
			`}`
			`--`
			`2.23.0`