Prevent negative expire parameter in HEXPIRE/HEXPIREAT/HPEXPIRE/HPEXPIREAT commands#13310
Conversation
|
LGTM but there is one related issue. I see we allow negative values for expire time and don't do overflow check correctly. @sundb @moticless Currently, |
|
@tezc, unlike |
|
@moticless the |
|
We should error on out-of-range values (negative values and values that translates to > 1/1/10000AD 00:00:00 UTC) |
|
@sundb do you feel like adding negative check as part of this PR? Otherwise, we'll fix on a follow up PR. |
|
@tezc yes, i'm working on it. this dead code cleanup has become secondary. |
Co-authored-by: Ozan Tezcan <[email protected]>
…IREAT commands (redis#13310) 1. Don't allow HEXPIRE/HEXPIREAT/HPEXPIRE/HPEXPIREAT command expire parameters is negative 2. Remove a dead code reported from Coverity. when `unit` is not `UNIT_SECONDS`, the second `if (expire > (long long) EB_EXPIRE_TIME_MAX)` will be dead code. ```c # t_hash.c 2988 /* Check expire overflow */ cond_at_most: Condition expire > 281474976710655LL, taking false branch. Now the value of expire is at most 281474976710655. 2989 if (expire > (long long) EB_EXPIRE_TIME_MAX) { 2990 addReplyErrorExpireTime(c); 2991 return; 2992 } 2994 if (unit == UNIT_SECONDS) { 2995 if (expire > (long long) EB_EXPIRE_TIME_MAX / 1000) { 2996 addReplyErrorExpireTime(c); 2997 return; 2998 } 2999 expire *= 1000; 3000 } else { at_most: At condition expire > 281474976710655LL, the value of expire must be at most 281474976710655. dead_error_condition: The condition expire > 281474976710655LL cannot be true. 3001 if (expire > (long long) EB_EXPIRE_TIME_MAX) { CID 494223: (redis#1 of 1): Logically dead code (DEADCODE) dead_error_begin: Execution cannot reach this statement: addReplyErrorExpireTime(c);. 3002 addReplyErrorExpireTime(c); 3003 return; 3004 } 3005 } ``` --------- Co-authored-by: Ozan Tezcan <[email protected]>
Don't allow HEXPIRE/HEXPIREAT/HPEXPIRE/HPEXPIREAT command expire parameters is negative
Remove a dead code reported from Coverity.
when
unitis notUNIT_SECONDS, the secondif (expire > (long long) EB_EXPIRE_TIME_MAX)will be dead code.