diff options
Diffstat (limited to 'CVE-2019-10192-1.patch')
| -rw-r--r-- | CVE-2019-10192-1.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/CVE-2019-10192-1.patch b/CVE-2019-10192-1.patch deleted file mode 100644 index f070446..0000000 --- a/CVE-2019-10192-1.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 9f13b2bd4967334b1701c6eccdf53760cb13f79e Mon Sep 17 00:00:00 2001 -From: John Sully <john@csquare.ca> -Date: Thu, 14 Mar 2019 14:02:16 -0400 -Subject: [PATCH] Fix hyperloglog corruption - ---- - src/hyperloglog.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/hyperloglog.c b/src/hyperloglog.c -index fc21ea0065d..e993bf26e1d 100644 ---- a/src/hyperloglog.c -+++ b/src/hyperloglog.c -@@ -614,6 +614,10 @@ int hllSparseToDense(robj *o) { - } else { - runlen = HLL_SPARSE_VAL_LEN(p); - regval = HLL_SPARSE_VAL_VALUE(p); -+ if ((runlen + idx) > HLL_REGISTERS) { -+ sdsfree(dense); -+ return C_ERR; -+ } - while(runlen--) { - HLL_DENSE_SET_REGISTER(hdr->registers,idx,regval); - idx++; -@@ -1088,6 +1092,8 @@ int hllMerge(uint8_t *max, robj *hll) { - } else { - runlen = HLL_SPARSE_VAL_LEN(p); - regval = HLL_SPARSE_VAL_VALUE(p); -+ if ((runlen + i) > HLL_REGISTERS) -+ return C_ERR; - while(runlen--) { - if (regval > max[i]) max[i] = regval; - i++; |