- 13 6月, 2018 2 次提交
-
-
由 antirez 提交于
After the first fix to the struct package I found another similar problem, which is fixed by this patch. It could be reproduced easily by running the following script: return struct.unpack('f', "xxxxxxxxxxxxx",-3) The above will access bytes before the 'data' pointer.
-
由 antirez 提交于
During an auditing Apple found that the "struct" Lua package we ship with Redis (http://www.inf.puc-rio.br/~roberto/struct/) contains a security problem. A bound-checking statement fails because of integer overflow. The bug exists since we initially integrated this package with Lua, when scripting was introduced, so every version of Redis with EVAL/EVALSHA capabilities exposed is affected. Instead of just fixing the bug, the library was updated to the latest version shipped by the author.
-
- 13 12月, 2015 1 次提交
-
-
由 Sun He 提交于
Fix issue #2855
-
- 23 1月, 2013 1 次提交
-
-
由 antirez 提交于
There was a bug in the previous version of this library that caused a crash under the circumstances described in issue #901. The newer version of the library appears to be fixed (I tested it manually with valgrind and everything seems fine now). For more information about this library please visit this web site: http://www.inf.puc-rio.br/~roberto/struct/
-
- 14 2月, 2012 1 次提交
-
-
由 lsbardel 提交于
-