gvsafronov/futriix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix double free in RDB load

Browse Source 
Former-commit-id: 070c4818715b56645855abb72af47c846fc63027
This commit is contained in:
John Sully 2019-09-28 17:38:26 -04:00
parent b01cf73999
commit 3a8d13760a
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/rdb.cpp
View File

@ -2107,7 +2107,10 @@ int rdbLoadRio(rio *rdb, rdbSaveInfo *rsi, int loading_aof) {
/* Read key */
if (key != nullptr)
{
decrRefCount(key);
key = nullptr;
}
if ((key = rdbLoadStringObject(rdb)) == NULL) goto eoferr;
/* Read value */
@ -2119,7 +2122,9 @@ int rdbLoadRio(rio *rdb, rdbSaveInfo *rsi, int loading_aof) {
* snapshot taken by the master may not be reflected on the slave. */
if (listLength(g_pserver->masters) == 0 && !loading_aof && expiretime != -1 && expiretime < now) {
decrRefCount(key);
key = nullptr;
decrRefCount(val);
val = nullptr;
} else {
/* Add the new object in the hash table */
int fInserted = dbMerge(db, key, val, rsi->fForceSetKey); // Note: dbMerge will incrRef
@ -2136,6 +2141,7 @@ int rdbLoadRio(rio *rdb, rdbSaveInfo *rsi, int loading_aof) {
else
{
decrRefCount(val);
val = nullptr;
}
}