From f4d37173fef8a020fe99a7b98e32a9201113cc09 Mon Sep 17 00:00:00 2001
From: antirez <antirez@gmail.com>
Date: Wed, 11 Sep 2019 19:42:10 +0200
Subject: [PATCH] ACL: protect MULTI/EXEC transactions after rules change.

---
 src/multi.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/multi.c b/src/multi.c
index 71090d8ed..f885fa19c 100644
--- a/src/multi.c
+++ b/src/multi.c
@@ -175,7 +175,19 @@ void execCommand(client *c) {
             must_propagate = 1;
         }
 
-        call(c,server.loading ? CMD_CALL_NONE : CMD_CALL_FULL);
+        int acl_retval = ACLCheckCommandPerm(c);
+        if (acl_retval != ACL_OK) {
+            addReplyErrorFormat(c,
+                "-NOPERM ACLs rules changed between the moment the "
+                "transaction was accumulated and the EXEC call. "
+                "This command is no longer allowed for the "
+                "following reason: %s",
+                (acl_retval == ACL_DENIED_CMD) ?
+                "no permission to execute the command or subcommand" :
+                "no permission to touch the specified keys");
+        } else {
+            call(c,server.loading ? CMD_CALL_NONE : CMD_CALL_FULL);
+        }
 
         /* Commands may alter argc/argv, restore mstate. */
         c->mstate.commands[j].argc = c->argc;