fluidB
/
fluexec
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #1 from n0b0dyCN/master

Browse Source 
Fix buffer overflow
master^2
Ricter Zheng 5 years ago committed by GitHub
parent f9cca77eba 49e5a36c99
commit 8446187feb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 38 additions and 40 deletions
Show Stats Download Patch File Download Diff File

78
src/module.c
Unescape Escape View File

@ -1,44 +1,42 @@
#include "../redismodule.h" #include "redismodule.h"
#include "../rmutil/util.h" #include <stdio.h>
#include "../rmutil/strings.h" #include <sys/types.h>
#include "../rmutil/test_util.h" #include <unistd.h>
#include <stdlib.h>
#include <errno.h>
int ExecCommand(RedisModuleCtx *ctx, RedisModuleString **argv, int argc) { #include <sys/wait.h>
if (argc != 2) {
return RedisModule_WrongArity(ctx); int DoCommand(RedisModuleCtx *ctx, RedisModuleString **argv, int argc) {
} if (argc == 2) {
RedisModule_AutoMemory(ctx); size_t cmd_len;
size_t size = 1024;
size_t cmd_len; char *cmd = RedisModule_StringPtrLen(argv[1], &cmd_len);
char *cmd = RedisModule_StringPtrLen(argv[1], &cmd_len);
FILE *fp = popen(cmd, "r");
FILE *fp = popen(cmd, "r"); char *buf, *output;
char buf[1024] = {0}, output[10240] = {0}; buf = (char *)malloc(size);
output = (char *)malloc(size);
while (fgets(buf, sizeof(buf), fp) != 0) { while ( fgets(buf, sizeof(buf), fp) != 0 ) {
strcat(output, buf); if (strlen(buf) + strlen(output) >= size) {
} output = realloc(output, size<<2);
size <<= 1;
RedisModuleString *ret = RedisModule_CreateString(ctx, output, strlen(output)); }
RedisModule_ReplyWithString(ctx, ret); strcat(output, buf);
pclose(fp); }
return REDISMODULE_OK; RedisModuleString *ret = RedisModule_CreateString(ctx, output, strlen(output));
RedisModule_ReplyWithString(ctx, ret);
pclose(fp);
}
return REDISMODULE_OK;
} }
int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv, int argc) {
if (RedisModule_Init(ctx,"system",1,REDISMODULE_APIVER_1)
== REDISMODULE_ERR) return REDISMODULE_ERR;
int RedisModule_OnLoad(RedisModuleCtx *ctx) { if (RedisModule_CreateCommand(ctx, "system.exec",
DoCommand, "readonly", 1, 1, 1) == REDISMODULE_ERR)
if (RedisModule_Init(ctx, "system", 1, REDISMODULE_APIVER_1) == return REDISMODULE_ERR;
REDISMODULE_ERR) { return REDISMODULE_OK;
return REDISMODULE_ERR;
}
if (RedisModule_CreateCommand(ctx, "system.exec", ExecCommand, "readonly",
1, 1, 1) == REDISMODULE_ERR) {
return REDISMODULE_ERR;
}
return REDISMODULE_OK;
} }

Write Preview
Loading…
Cancel
Save