From 4d42541db12e6bb7c4199fde46be11cda6345d60 Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Thu, 31 Oct 2024 06:11:42 +0000
Subject: automatic import of redis

---
 CVE-2019-10192-1.patch | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 CVE-2019-10192-1.patch

(limited to 'CVE-2019-10192-1.patch')

diff --git a/CVE-2019-10192-1.patch b/CVE-2019-10192-1.patch
new file mode 100644
index 0000000..f070446
--- /dev/null
+++ b/CVE-2019-10192-1.patch
@@ -0,0 +1,33 @@
+From 9f13b2bd4967334b1701c6eccdf53760cb13f79e Mon Sep 17 00:00:00 2001
+From: John Sully <john@csquare.ca>
+Date: Thu, 14 Mar 2019 14:02:16 -0400
+Subject: [PATCH] Fix hyperloglog corruption
+
+---
+ src/hyperloglog.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/hyperloglog.c b/src/hyperloglog.c
+index fc21ea0065d..e993bf26e1d 100644
+--- a/src/hyperloglog.c
++++ b/src/hyperloglog.c
+@@ -614,6 +614,10 @@ int hllSparseToDense(robj *o) {
+         } else {
+             runlen = HLL_SPARSE_VAL_LEN(p);
+             regval = HLL_SPARSE_VAL_VALUE(p);
++            if ((runlen + idx) > HLL_REGISTERS) {
++                sdsfree(dense);
++                return C_ERR;
++            }
+             while(runlen--) {
+                 HLL_DENSE_SET_REGISTER(hdr->registers,idx,regval);
+                 idx++;
+@@ -1088,6 +1092,8 @@ int hllMerge(uint8_t *max, robj *hll) {
+             } else {
+                 runlen = HLL_SPARSE_VAL_LEN(p);
+                 regval = HLL_SPARSE_VAL_VALUE(p);
++                if ((runlen + i) > HLL_REGISTERS)
++                    return C_ERR;
+                 while(runlen--) {
+                     if (regval > max[i]) max[i] = regval;
+                     i++;
-- 
cgit v1.2.3