author | michael-grunder <michael.grunder@gmail.com> | 2019-12-04 22:52:59 +0300 |
committer | michael-grunder <michael.grunder@gmail.com> | 2019-12-05 08:07:22 +0300 |
commit | 25cdaee62f22059cbfb8998b08bc8f22e4ad78c8 (patch) | |
tree | 27d68e8213894851a91f83ad8bd42055cb364707 /library.c | |
parent | 7b6072e05f49f5165765f81152bf685dc4888065 (diff) |
Switch to snprintf and modify challenge string
* It should be impossible to cause a buffer overrun with this format
string but use the safer version anyway.
* Make the phpredis challenge string searchable and add 32 bits of
entropy since it's theoretically possible that two machines would
generate the same `tv_sec` + `tv_usec` string.
Diffstat (limited to 'library.c')
-rw-r--r-- | library.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -1800,8 +1800,8 @@ redis_sock_create(char *host, int host_len, int port,
 static int
 redis_sock_check_liveness(RedisSock *redis_sock)
 {
- char inbuf[4096], uniqid[32], *response;
- int uniqid_len, response_len;
+ char inbuf[4096], uniqid[64];
+ int uniqid_len;
 smart_string cmd = {0};
 struct timeval tv;
 size_t len;
@@ -1811,7 +1811,7 @@ redis_sock_check_liveness(RedisSock *redis_sock)
 redis_cmd_append_sstr(&cmd, ZSTR_VAL(redis_sock->auth), ZSTR_LEN(redis_sock->auth));
 }
 gettimeofday(&tv, NULL);
- uniqid_len = sprintf(uniqid, "%08lx%05lx", tv.tv_sec, tv.tv_usec);
+ uniqid_len = snprintf(uniqid, sizeof(uniqid), "phpredis_pool:%08lx%05lx:%08" PRIx32, (long)tv.tv_sec, (long)tv.tv_usec, php_mt_rand());
 redis_cmd_init_sstr(&cmd, 1, "PING", sizeof("PING") - 1);
 redis_cmd_append_sstr(&cmd, uniqid, uniqid_len);
 smart_string_0(&cmd);
 |
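Review bot: The return value of the new `snprintf` in the second hunk is handed straight to `redis_cmd_append_sstr(&cmd, uniqid, uniqid_len)` without a check, and snprintf reports the untruncated length, so if the formatted tag ever outgrew `uniqid` the append would read past the end of the buffer (and a negative return on a formatting error would be passed on as a length). With the current format the longest output on LP64 is 14 + 16 + 5 + 1 + 8 = 44 characters plus the terminator, which fits the 64-byte `uniqid` introduced in the first hunk, so this is latent rather than live, but a guard such as `if (uniqid_len < 0 || (size_t)uniqid_len >= sizeof(uniqid)) { smart_string_free(&cmd); /* bail out with the function's failure value */ }` — or at minimum a comment recording the 44-character bound next to the `uniqid[64]` declaration — keeps the invariant visible to whoever next extends the format. A one-line comment that the tag only needs to be unique per connection for matching the PING reply, not unpredictable, would also stop a future reader from treating the `php_mt_rand()` value as a secret. redis_sock_check_liveness begins in the first hunk and its body continues past the end of the second.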