From c00453da1d01dbd2de40d26602c979b516f8a47f Mon Sep 17 00:00:00 2001 From: antirez Date: Fri, 13 Dec 2013 11:29:59 +0100 Subject: [PATCH] SDIFF iterator misuse fixed in diff algorithm #1. The bug could be easily triggered by: SADD foo a b c 1 2 3 4 5 6 SDIFF foo foo When the key was the same in two sets, an unsafe iterator was used to check existence of elements in the same set we were iterating. Usually this would just result into a wrong output, however with the dict.c API misuse protection we have in place, the result was actually an assertion failed that was triggered by the CI test, while creating random datasets for the "MASTER and SLAVE consistency" test. --- src/t_set.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/t_set.c b/src/t_set.c index 0ba8335aa..6e8e1f4e0 100644 --- a/src/t_set.c +++ b/src/t_set.c @@ -820,6 +820,7 @@ void sunionDiffGenericCommand(redisClient *c, robj **setkeys, int setnum, robj * while((ele = setTypeNextObject(si)) != NULL) { for (j = 1; j < setnum; j++) { if (!sets[j]) continue; /* no key is an empty set. */ + if (sets[j] == sets[0]) break; /* same set! */ if (setTypeIsMember(sets[j],ele)) break; } if (j == setnum) {