Skip to content

Sanitize dump payload: fix double free after insert dup nodekey to stream rax and returns 0#9399

Merged
oranagra merged 2 commits intoredis:unstablefrom
sundb:fuzzer-stream-listpack
Aug 20, 2021
Merged

Sanitize dump payload: fix double free after insert dup nodekey to stream rax and returns 0#9399
oranagra merged 2 commits intoredis:unstablefrom
sundb:fuzzer-stream-listpack

Conversation

@sundb
Copy link
Collaborator

@sundb sundb commented Aug 20, 2021

This is found by corrupt-dump-fuzzing test.
When using raxInsert to insert a duplicate nodekey, it will overwrite the old data, and finally, return 0.
This will result in both decrRefCount(o) and lpFree(lp) which will free the listpack.

@sundb sundb changed the title Sanitize dump payload: fix double free after insert dump nodekey to stream rax and return 0 Sanitize dump payload: fix double free after insert dump nodekey to stream rax and returns 0 Aug 20, 2021
@sundb sundb force-pushed the fuzzer-stream-listpack branch from 244796b to a01d5a0 Compare August 20, 2021 02:54
@sundb sundb changed the title Sanitize dump payload: fix double free after insert dump nodekey to stream rax and returns 0 Sanitize dump payload: fix double free after insert dup nodekey to stream rax and returns 0 Aug 20, 2021
@sundb sundb marked this pull request as draft August 20, 2021 03:43
@sundb sundb marked this pull request as ready for review August 20, 2021 05:22
@oranagra oranagra merged commit 492d8d0 into redis:unstable Aug 20, 2021
@sundb sundb deleted the fuzzer-stream-listpack branch August 31, 2021 07:04
JackieXie168 pushed a commit to JackieXie168/redis that referenced this pull request Sep 8, 2021
@oranagra oranagra added the release-notes indication that this issue needs to be mentioned in the release notes label Sep 30, 2021
@oranagra oranagra mentioned this pull request Oct 4, 2021
oranagra pushed a commit that referenced this pull request Oct 4, 2021
…ream rax and returns 0 (#9399)

(cherry picked from commit 492d8d0)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

release-notes indication that this issue needs to be mentioned in the release notes

Projects

Development

Successfully merging this pull request may close these issues.

2 participants