From 8f02c51f2ea30e7ff943f8d04c130bcf7afc678a Mon Sep 17 00:00:00 2001 From: Malavan Sotheeswaran Date: Tue, 5 Apr 2022 03:17:41 -0700 Subject: [PATCH] check ziplist len to avoid crash on empty ziplist convert --- src/t_zset.cpp | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/src/t_zset.cpp b/src/t_zset.cpp index 73e9316c8..ad4ea2bd4 100644 --- a/src/t_zset.cpp +++ b/src/t_zset.cpp @@ -1191,24 +1191,26 @@ void zsetConvert(robj *zobj, int encoding) { zs->dict = dictCreate(&zsetDictType,NULL); zs->zsl = zslCreate(); - eptr = ziplistIndex(zl,0); - serverAssertWithInfo(NULL,zobj,eptr != NULL); - sptr = ziplistNext(zl,eptr); - serverAssertWithInfo(NULL,zobj,sptr != NULL); + if (ziplistLen(zl) > 0) { + eptr = ziplistIndex(zl,0); + serverAssertWithInfo(NULL,zobj,eptr != NULL); + sptr = ziplistNext(zl,eptr); + serverAssertWithInfo(NULL,zobj,sptr != NULL); - while (eptr != NULL) { - score = zzlGetScore(sptr); - serverAssertWithInfo(NULL,zobj,ziplistGet(eptr,&vstr,&vlen,&vlong)); - if (vstr == NULL) - ele = sdsfromlonglong(vlong); - else - ele = sdsnewlen((char*)vstr,vlen); + while (eptr != NULL) { + score = zzlGetScore(sptr); + serverAssertWithInfo(NULL,zobj,ziplistGet(eptr,&vstr,&vlen,&vlong)); + if (vstr == NULL) + ele = sdsfromlonglong(vlong); + else + ele = sdsnewlen((char*)vstr,vlen); - node = zslInsert(zs->zsl,score,ele); - serverAssert(dictAdd(zs->dict,ele,&node->score) == DICT_OK); - zzlNext(zl,&eptr,&sptr); + node = zslInsert(zs->zsl,score,ele); + serverAssert(dictAdd(zs->dict,ele,&node->score) == DICT_OK); + zzlNext(zl,&eptr,&sptr); + } } - + zfree(zobj->m_ptr); zobj->m_ptr = zs; zobj->encoding = OBJ_ENCODING_SKIPLIST;