File CVE-2024-31449.patch of Package redis7

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2024-31449.patch of Package redis7

From fe8de4313f85e0f8af2eff1f78b52cfe56fb4c71 Mon Sep 17 00:00:00 2001
From: Oran Agra <oran@redislabs.com>
Date: Wed, 2 Oct 2024 19:54:06 +0300
Subject: [PATCH] Fix lua bit.tohex (CVE-2024-31449)

INT_MIN value must be explicitly checked, and cannot be negated.
---
 deps/lua/src/lua_bit.c   | 1 +
 tests/unit/scripting.tcl | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/deps/lua/src/lua_bit.c b/deps/lua/src/lua_bit.c
index 9f83b8594b8..7e43faea47f 100644
--- a/deps/lua/src/lua_bit.c
+++ b/deps/lua/src/lua_bit.c
@@ -132,6 +132,7 @@ static int bit_tohex(lua_State *L)
   const char *hexdigits = "0123456789abcdef";
   char buf[8];
   int i;
+  if (n == INT32_MIN) n = INT32_MIN+1;
   if (n < 0) { n = -n; hexdigits = "0123456789ABCDEF"; }
   if (n > 8) n = 8;
   for (i = (int)n; --i >= 0; ) { buf[i] = hexdigits[b & 15]; b >>= 4; }
diff --git a/tests/unit/scripting.tcl b/tests/unit/scripting.tcl
index 18066a10c10..635076b16b3 100644
--- a/tests/unit/scripting.tcl
+++ b/tests/unit/scripting.tcl
@@ -613,6 +613,12 @@ start_server {tags {"scripting"}} {
         set e
     } {ERR *Attempt to modify a readonly table*}
 
+    test {lua bit.tohex bug} {
+        set res [run_script {return bit.tohex(65535, -2147483648)} 0]
+        r ping
+        set res
+    } {0000FFFF}
+
     test {Test an example script DECR_IF_GT} {
         set decr_if_gt {
             local current

Places

File CVE-2024-31449.patch of Package redis7

Places