Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

BITCOUNT: fix segmentation fault.

remove unsafe and unnecessary cast.
until now, this cast may lead segmentation fault when end > UINT_MAX

setbit foo 0 1
bitcount  0 4294967295
=> ok
bitcount  0 4294967296
=> cause segmentation fault.

Note by @antirez: the commit was modified a bit to also change the
string length type to long, since it's guaranteed to be at max 512 MB in
size, so we can work with the same type across all the code path.

A regression test was also added.
  • Loading branch information...
commit 749aac72ad980bf08b04655634590b80e2fd014c 1 parent 24bc807
@trapezoid trapezoid authored committed
Showing with 8 additions and 3 deletions.
  1. +2 −3 src/bitops.c
  2. +6 −0 tests/unit/bitops.tcl
View
5 src/bitops.c
@@ -327,10 +327,9 @@ void bitopCommand(redisClient *c) {
/* BITCOUNT key [start end] */
void bitcountCommand(redisClient *c) {
robj *o;
- long start, end;
+ long start, end, strlen;
unsigned char *p;
char llbuf[32];
- size_t strlen;
/* Lookup, check for type, and return 0 for non existing keys. */
if ((o = lookupKeyReadOrReply(c,c->argv[1],shared.czero)) == NULL ||
@@ -357,7 +356,7 @@ void bitcountCommand(redisClient *c) {
if (end < 0) end = strlen+end;
if (start < 0) start = 0;
if (end < 0) end = 0;
- if ((unsigned)end >= strlen) end = strlen-1;
+ if (end >= strlen) end = strlen-1;
} else if (c->argc == 2) {
/* The whole string. */
start = 0;
View
6 tests/unit/bitops.tcl
@@ -73,6 +73,12 @@ start_server {tags {"bitops"}} {
set e
} {ERR*syntax*}
+ test {BITCOUNT regression test for github issue #582} {
+ r del str
+ r setbit foo 0 1
+ r bitcount foo 0 4294967296
+ } {1}
+
test {BITOP NOT (empty string)} {
r set s ""
r bitop not dest s
Please sign in to comment.
Something went wrong with that request. Please try again.