🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)

Checkmarx One – Scan Summary & Details – 7e0c6d0f-24cd-4f87-b462-51df94f93048

New Issues (14)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	Buffer_Improper_Index_Access	/src/config.c: 694	details The array index buf at /src/config.c in line 694 is used to reference an index of a cell of the array s at /src/sds.c in line 216 in a way that m... ID: CcxCd7zCj7XGI3JejVm4%2Bx1iY7Q%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 678	details The array index buf at /src/config.c in line 678 is used to reference an index of a cell of the array s at /src/sds.c in line 216 in a way that m... ID: 1NfUC5IPUiz9BAM6hbpUQY%2B69c8%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 2752	details The array index eptr at /src/config.c in line 2752 is used to reference an index of a cell of the array eptr at /src/config.c in line 2752 in a w... ID: OMWUIte6a5DDJkGcv3wrfcjyslM%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 1120	details The array index config at /src/config.c in line 1120 is used to reference an index of a cell of the array s at /src/sds.c in line 216 in a way th... ID: muDfrMp37aBkYEO7ZYO0pBQJ9BE%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 704	details The array index buf at /src/config.c in line 704 is used to reference an index of a cell of the array s at /src/sds.c in line 216 in a way that m... ID: zUR%2BxndaF6FzoAxkbTFsn6dhDRA%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 2221	details The array index buf at /src/config.c in line 2221 is used to reference an index of a cell of the array buf at /src/config.c in line 2221 in a way... ID: iJXH1tTsATdKy8FxI8dZrTsB0pw%3D Attack Vector
	Buffer_Improper_Index_Access	/src/config.c: 2222	details The array index buf at /src/config.c in line 2222 is used to reference an index of a cell of the array buf at /src/config.c in line 2222 in a way... ID: 8vwR71VGCPRRblto%2FrnJFHyv2eY%3D Attack Vector
	Buffer_Overflow_Wrong_Buffer_Size	/deps/linenoise/linenoise.c: 1200	details The buffer buf created in /deps/linenoise/linenoise.c at line 1200 is written to a buffer in /deps/hiredis/sds.c at line 97 by sh, but an error i... ID: oykVSjUcVC%2FEMplDwW4P3YG7%2FzE%3D Attack Vector
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677	details The buffer buf created in /src/redis-cli.c at line 3677 is written to a buffer in /deps/hiredis/sds.c at line 234 by newsh, but an error in calc... ID: %2BpSSxZAM7xfUiads1egmyYebO5I%3D Attack Vector
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677	details The buffer buf created in /src/redis-cli.c at line 3677 is written to a buffer in /deps/hiredis/sds.c at line 234 by hdrlen, but an error in cal... ID: zN%2FI3F1XTVrKpHuopU6EZZmWXt4%3D Attack Vector
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 10594	details The buffer argv created in /src/redis-cli.c at line 10594 is written to a buffer in /deps/hiredis/sds.c at line 97 by sh, but an error in calcul... ID: eStOv%2FTaWfWWBCJCCgzT7mgYJU0%3D Attack Vector
	Buffer_Overflow_Wrong_Buffer_Size	/deps/linenoise/linenoise.c: 1166	details The buffer fgetc created in /deps/linenoise/linenoise.c at line 1166 is written to a buffer in /deps/hiredis/sds.c at line 97 by sh, but an error... ID: v3h9G7I8PLSutWNyC8k4gGzAdDA%3D Attack Vector
	Divide_By_Zero	/modules/vector-sets/fastjson_test.c: 121	details The application performs an illegal operation in generate_random_string, in /modules/vector-sets/fastjson_test.c. In line 121, the program at... ID: qiowoZ%2FDUFf8wA3ZCvKY8M0GHks%3D Attack Vector
	Divide_By_Zero	/src/redis-cli.c: 6040	details The application performs an illegal operation in clusterManagerNodeMasterRandom, in /src/redis-cli.c. In line 6053, the program attempts to divi... ID: Wdmj3BiFZXbdNClmOY%2Fr1waYywk%3D Attack Vector

Fixed Issues (5)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677
	Buffer_Overflow_Wrong_Buffer_Size	/src/redis-cli.c: 3677
	Divide_By_Zero	/deps/jemalloc/src/nstime.c: 149

@oranagra Do you think adding a new module api RM_ConfigSetUnsignedConfig would be a good idea to disambiguate the current API?
The example you gave with maxmemory (#14051 (comment)).
The current code in unstable prevents one to pass a value bigger than 2^63-1. But If I remove the non-negativity check one has to pass f.e -1 which will implicitly convert it to ULLONG_MAX.

With RM_ConfigSetUnsignedConfig the parameter would be unsigned long long.

looking at all the config related interfaces we have, none of them use unsigned, so either we add it across the board, or suffice with what we have.
maybe we can move or remove a boundary check, and document what users can do to get around that?

looking at all the config related interfaces we have, none of them use unsigned, so either we add it across the board, or suffice with what we have. maybe we can move or remove a boundary check, and document what users can do to get around that?

I guess if we didn't need unsigned up until now we are safe to move on without them?
This PR removes the boundary check and RM_ConfigSetNumeric explicitly states that passing negative values is meant only for configs that support percentage arguments so we are good to go?

Only thing I'm worried, I rmbr talking that maybe it's not a good idea to revert the breaking change since we already introduced a breaking change and unbreaking it would be a second breaking change. How do we feel about that?

I guess if we didn't need unsigned up until now we are safe to move on without them?

i wouldn't argue that we didn't need them, maybe some modules did, maybe they didn't even realize that.

This PR removes the boundary check and RM_ConfigSetNumeric explicitly states that passing negative values is meant only for configs that support percentage arguments so we are good to go?

in many times there's a gap between the docs and the code, it could be because of a misunderstanding, or because we often care less about docs, but either way, people use what works, even if the doc says otherwise, and if there's a conflict we'll often decide to fix the doc.
so in this case, i think it's ok to document both (percentage for configs that support percentage, and negative for unsigned).
(i hope i'm not mixing up things due to lack of attention span, let me know if i do)

Only thing I'm worried, I rmbr talking that maybe it's not a good idea to revert the breaking change since we already introduced a breaking change and unbreaking it would be a second breaking change. How do we feel about that?

if the breakage is fairly recent, i think it's better to unbreak it, i think it's likely that people didn't upgrade and didn't notice it.
specifically since it's a niche feature.

so in this case, i think it's ok to document both (percentage for configs that support percentage, and negative for unsigned).

so you suggest we put a boundary check for unsigned inside RM_ConfigSetNumeric