slact / nchan

Fast, horizontally scalable, multiprocess pub/sub queuing server and proxy for HTTP, long-polling, Websockets and EventSource (SSE), powered by Nginx.
https://nchan.io/

fix the integer overflow #684

Open Crispy-fried-chicken opened 4 months ago

Crispy-fried-chicken commented 4 months ago

fix the vulnerability mentioned in https://github.com/slact/nchan/issues/682

slact commented 4 months ago

...are you serious? Okay, then.

https://github.com/slact/nchan/blob/4461dbe99aecb51bf1afe6d00404c610f6ef706e/src/store/redis/hiredis/CHANGELOG.md?plain=1#L1-L4

There is nothing to fix.

Crispy-fried-chicken commented 4 months ago

but you can see in the newest version of hiredis, the https://github.com/redis/hiredis/blob/398e16e7cc20545a19f2af2293cc6f04310e6b7a/sds.c#L93C1-L93C78 is added which is similar to the fix of the CVE-2021-21309, maybe you can fix it? Cause the vulnerability still exists.

slact commented 4 months ago

Okay okay I guess you're serious. Fine, even though there's no way to exploit this without letting Nginx accept >4Gb messages (instant DoS), which is way outside the realm of sanity, I will upgrade hiredis to the latest version.
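As an added example (not nchan's or hiredis's own code), the kind of size_t overflow check the linked sds.c line adds, modelled with a 32-bit size type so the wrap the thread discusses is reproducible on any host; the 3-byte header size is an assumption.

```c
/* Added example, not code from nchan or hiredis: why an allocation-length
 * computation of the form hdrlen + initlen + 1 needs an overflow check.
 * A 32-bit size type stands in for size_t on a 32-bit build, which is where
 * a >4GB message length becomes reachable arithmetic. */
#include <stdint.h>
#include <stdio.h>

typedef uint32_t size32_t; /* stands in for size_t on a 32-bit build */

/* Unchecked: the sum wraps silently when initlen is close to the type maximum,
 * so the caller would allocate a tiny buffer for a huge payload. */
static size32_t alloc_len_unchecked(size32_t hdrlen, size32_t initlen) {
    return (size32_t)(hdrlen + initlen + 1);
}

/* Checked: returns the allocation size, or 0 if hdrlen + initlen + 1 would
 * wrap. 0 is a safe sentinel because a valid size is always >= hdrlen + 1.
 * hdrlen is a small constant header size, so hdrlen + 1 itself cannot wrap. */
static size32_t alloc_len_checked(size32_t hdrlen, size32_t initlen) {
    if (initlen > UINT32_MAX - hdrlen - 1) return 0; /* catch size wrap-around */
    return hdrlen + initlen + 1;
}

int main(void) {
    const size32_t hdrlen = 3;                 /* assumed header size */
    const size32_t huge = UINT32_MAX - 2;      /* constructed: length just under 4GB */

    /* 3 + (2^32 - 3) + 1 wraps to 1: a 1-byte allocation for ~4GB of data. */
    printf("unchecked: %u\n", alloc_len_unchecked(hdrlen, huge));
    /* The checked version rejects the same input instead of wrapping. */
    printf("checked:   %u\n", alloc_len_checked(hdrlen, huge));
    /* Ordinary lengths still pass through unchanged. */
    printf("small:     %u\n", alloc_len_checked(hdrlen, 100));
    return 0;
}
```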