From b0005ca1f656f3b966c419cd2fba99f39d1f7248 Mon Sep 17 00:00:00 2001 From: epro Date: Thu, 19 May 2022 10:01:22 +0800 Subject: [PATCH 1/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9CVE=5F2022-24736=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CVE-2022-24736.patch | 30 ++++++++++++++++++++++++++++++ redis5.spec | 15 +++++++++------ 2 files changed, 39 insertions(+), 6 deletions(-) create mode 100644 CVE-2022-24736.patch diff --git a/CVE-2022-24736.patch b/CVE-2022-24736.patch new file mode 100644 index 0000000..27862a0 --- /dev/null +++ b/CVE-2022-24736.patch @@ -0,0 +1,30 @@ +diff -Naru redis-5.0.14/src/scripting.c redis-5.0.14-new/src/scripting.c +--- redis-5.0.14/src/scripting.c 2021-10-04 18:58:43.000000000 +0800 ++++ redis-5.0.14-new/src/scripting.c 2022-05-17 10:36:15.851022000 +0800 +@@ -463,6 +463,10 @@ + inuse--; + return raise_error ? luaRaiseError(lua) : 1; + } ++ ++ /* Pop all arguments from the stack, we do not need them anymore ++ * and this way we guaranty we will have room on the stack for the result. */ ++ lua_pop(lua, argc); + + /* Setup our fake client for command execution */ + c->argv = argv; +@@ -536,7 +540,14 @@ + } + goto cleanup; + } +- } ++ } else if (server.masterhost == NULL && ++ server.repl_min_slaves_max_lag && ++ server.repl_min_slaves_to_write && ++ server.repl_good_slaves_count < server.repl_min_slaves_to_write) ++ { ++ luaPushError(lua, shared.noreplicaserr->ptr); ++ goto cleanup; ++ } + + /* If we reached the memory limit configured via maxmemory, commands that + * could enlarge the memory usage are not allowed, but only if this is the diff --git a/redis5.spec b/redis5.spec index ae19aa5..a2d2355 100644 --- a/redis5.spec +++ b/redis5.spec 
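Review bot: The second inner hunk of `CVE-2022-24736.patch` (`@@ -536,7 +540,14 @@`) adds a refusal with `shared.noreplicaserr->ptr` when `server.repl_good_slaves_count < server.repl_min_slaves_to_write`, a behaviour change that the stack-room comment in the first hunk does not cover and the commit message does not mention. It turns a bare `}` into `} else if (...)`, and with the indentation lost here it is not visible which `if` that brace closed; if it closed an outer condition rather than the last branch of the chain, the new check would run under different conditions than intended. Unless this is part of the upstream fix, keep the original `}` so that `lua_pop(lua, argc);` is the only change, or carry the replica check as a separate patch with a comment saying when scripts are refused. The patch file also has no header naming where it was taken from, for example `# Origin: <upstream commit URL>`, which makes the backport hard to audit. The enclosing function starts and ends outside both hunks.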
@@ -5,8 +5,8 @@ %global make_flags DEBUG="" V="echo" LDFLAGS="%{?__global_ldflags}" CFLAGS+="%{optflags} -fPIC" INSTALL="install -p" PREFIX=%{buildroot}%{_prefix} %global Pname redis Name: redis5 -Version: 5.0.7 -Release: 4 +Version: 5.0.14 +Release: 2 Summary: A persistent key-value database License: BSD and MIT URL: https://redis.io @@ -23,7 +23,8 @@ Source9: macros.%{Pname} Source10: https://github.com/antirez/%{Pname}-doc/archive/%{doc_commit}/%{Pname}-doc-%{short_doc_commit}.tar.gz Patch0001: Modify-aarch64-architecture-jemalloc-page-size-from-from-4k-to-64k.patch -Patch0002: Fix-redis5-gcc-10.patch +Patch0002: Fix-display-error-message.patch +Patch0003: CVE-2022-24736.patch BuildRequires: gcc %if %{with tests} @@ -85,6 +86,7 @@ tar -xvf %{SOURCE10} %patch0001 -p1 %endif %patch0002 -p1 +%patch0003 -p1 mv ../%{Pname}-doc-%{doc_commit} doc mv deps/lua/COPYRIGHT COPYRIGHT-lua mv deps/hiredis/COPYING COPYING-hiredis @@ -189,12 +191,13 @@ exit 0 %{_docdir}/%{Pname} %changelog + +* Tues May 19 2022 yangyang - 5.0.14-5 +- Fix CVE-2022-24736.patch + * Thu Sep 02 2021 lingsheng - 5.0.7-4 - Fix missing patch in source package -* Tue Aug 03 2021 wangyong - 5.0.7-3 -- Fix build error caused by GCC upgrade to GCC-10 - * Mon Mar 29 2021 lingsheng - 5.0.7-2 - Modify aarch64 architecture jemalloc page size from 4k to 64k -- Gitee From 41c9bca75d4b2ffd8a9aa7cb1d8732879a9ce0cd Mon Sep 17 00:00:00 2001 From: epro Date: Thu, 19 May 2022 10:05:21 +0800 Subject: [PATCH 2/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9CVE=5F2022-24736=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- redis5.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/redis5.spec b/redis5.spec index a2d2355..e5408a9 100644 --- a/redis5.spec +++ b/redis5.spec 
@@ -5,8 +5,8 @@ %global make_flags DEBUG="" V="echo" LDFLAGS="%{?__global_ldflags}" CFLAGS+="%{optflags} -fPIC" INSTALL="install -p" PREFIX=%{buildroot}%{_prefix} %global Pname redis Name: redis5 -Version: 5.0.14 -Release: 2 +Version: 5.0.7 +Release: 5 Summary: A persistent key-value database License: BSD and MIT URL: https://redis.io -- Gitee From e78a062b65aa89f4edb02adfbf4c937d11236380 Mon Sep 17 00:00:00 2001 From: epro Date: Thu, 19 May 2022 10:21:54 +0800 Subject: [PATCH 3/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9CVE=5F2022-24736=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CVE-2022-24736.patch | 6 +++--- redis5.spec | 15 ++++++++------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/CVE-2022-24736.patch b/CVE-2022-24736.patch index 27862a0..0b90d7b 100644 --- a/CVE-2022-24736.patch +++ b/CVE-2022-24736.patch @@ -1,6 +1,6 @@ -diff -Naru redis-5.0.14/src/scripting.c redis-5.0.14-new/src/scripting.c ---- redis-5.0.14/src/scripting.c 2021-10-04 18:58:43.000000000 +0800 -+++ redis-5.0.14-new/src/scripting.c 2022-05-17 10:36:15.851022000 +0800 +diff -Naru redis-5.0.7/src/scripting.c redis-5.0.7-new/src/scripting.c +--- redis-5.0.7/src/scripting.c 2021-10-04 18:58:43.000000000 +0800 ++++ redis-5.0.7-new/src/scripting.c 2022-05-17 10:36:15.851022000 +0800 @@ -463,6 +463,10 @@ inuse--; return raise_error ? luaRaiseError(lua) : 1; diff --git a/redis5.spec b/redis5.spec index e5408a9..2d6c54a 100644 --- a/redis5.spec +++ b/redis5.spec 
@@ -23,9 +23,8 @@ Source9: macros.%{Pname} Source10: https://github.com/antirez/%{Pname}-doc/archive/%{doc_commit}/%{Pname}-doc-%{short_doc_commit}.tar.gz Patch0001: Modify-aarch64-architecture-jemalloc-page-size-from-from-4k-to-64k.patch -Patch0002: Fix-display-error-message.patch -Patch0003: CVE-2022-24736.patch - +Patch0002: Fix-redis5-gcc-10.patch +Patch0003: CVE-2022-24736.patch.patch BuildRequires: gcc %if %{with tests} BuildRequires: procps-ng tcl @@ -84,9 +83,9 @@ tar -xvf %{SOURCE10} %setup -n %{Pname}-%{version} %ifarch aarch64 %patch0001 -p1 +%patch0003 -p1 %endif %patch0002 -p1 -%patch0003 -p1 mv ../%{Pname}-doc-%{doc_commit} doc mv deps/lua/COPYRIGHT COPYRIGHT-lua mv deps/hiredis/COPYING COPYING-hiredis @@ -191,13 +190,15 @@ exit 0 %{_docdir}/%{Pname} %changelog - -* Tues May 19 2022 yangyang - 5.0.14-5 -- Fix CVE-2022-24736.patch +* Thu May 19 2022 yangyang - 5.0.7-5 +- Fix missing patch in source package * Thu Sep 02 2021 lingsheng - 5.0.7-4 - Fix missing patch in source package +* Tue Aug 03 2021 wangyong - 5.0.7-3 +- Fix build error caused by GCC upgrade to GCC-10 + * Mon Mar 29 2021 lingsheng - 5.0.7-2 - Modify aarch64 architecture jemalloc page size from 4k to 64k -- Gitee From 04f396d45ed5eb826933ebb4386b75ad55392e1b Mon Sep 17 00:00:00 2001 From: epro Date: Thu, 19 May 2022 10:50:22 +0800 Subject: [PATCH 4/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9CVE=5F2022-24736=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CVE-2022-24736.patch | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/CVE-2022-24736.patch b/CVE-2022-24736.patch index 0b90d7b..6e97f84 100644 --- a/CVE-2022-24736.patch +++ b/CVE-2022-24736.patch 
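Review bot: `%patch0003 -p1` now sits between `%ifarch aarch64` and `%endif` in the `@@ -84,9 +83,9 @@` hunk, so the CVE-2022-24736 fix is applied only on aarch64 builds and packages for every other architecture are built from an unpatched `src/scripting.c`. Move the line back below `%endif`, next to `%patch0002 -p1`, where it was before this commit. In the changelog hunk the new `5.0.7-5` entry repeats `- Fix missing patch in source package` from the entry below it; `- Fix CVE-2022-24736` would let anyone auditing the package from its changelog see that the fix is present.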
@@ -1,18 +1,18 @@ -diff -Naru redis-5.0.7/src/scripting.c redis-5.0.7-new/src/scripting.c ---- redis-5.0.7/src/scripting.c 2021-10-04 18:58:43.000000000 +0800 -+++ redis-5.0.7-new/src/scripting.c 2022-05-17 10:36:15.851022000 +0800 -@@ -463,6 +463,10 @@ - inuse--; +diff -Naru redis-5.0.7/src/scripting.c "redis-5.0.7 copy/src/scripting.c" +--- redis-5.0.7/src/scripting.c 2019-11-20 01:05:52.000000000 +0800 ++++ "redis-5.0.7 copy/src/scripting.c" 2022-05-19 10:43:58.487095000 +0800 +@@ -439,6 +439,10 @@ return raise_error ? luaRaiseError(lua) : 1; } -+ + + /* Pop all arguments from the stack, we do not need them anymore + * and this way we guaranty we will have room on the stack for the result. */ + lua_pop(lua, argc); - ++ /* Setup our fake client for command execution */ c->argv = argv; -@@ -536,7 +540,14 @@ + c->argc = argc; +@@ -511,7 +515,14 @@ } goto cleanup; } -- Gitee From aa05aa48a45216dcb9837f084e4462d8d505ef55 Mon Sep 17 00:00:00 2001 From: epro Date: Thu, 19 May 2022 11:00:19 +0800 Subject: [PATCH 5/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9CVE=5F2022-24736=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- redis5.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redis5.spec b/redis5.spec index 2d6c54a..6a09438 100644 --- a/redis5.spec +++ b/redis5.spec @@ -24,7 +24,7 @@ Source10: https://github.com/antirez/%{Pname}-doc/archive/%{doc_commi Patch0001: Modify-aarch64-architecture-jemalloc-page-size-from-from-4k-to-64k.patch Patch0002: Fix-redis5-gcc-10.patch -Patch0003: CVE-2022-24736.patch.patch +Patch0003: CVE-2022-24736.patch BuildRequires: gcc %if %{with tests} BuildRequires: procps-ng tcl -- Gitee
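Review bot: The second inner hunk still carries the context it had when the patch was generated against 5.0.14: this commit changes only its offsets to `@@ -511,7 +515,14 @@`, and the `}` / `goto cleanup;` / `}` lines that follow are untouched, whereas the first inner hunk's context had to be rewritten for 5.0.7. Confirm with a clean `%prep` run that both hunks apply to the 5.0.7 tree without fuzz or offset warnings. An earlier commit in this series placed `%patch0003 -p1` under `%ifarch aarch64`, so a build on any other architecture does not exercise the patch and cannot serve as that check. The new-side path `"redis-5.0.7 copy/src/scripting.c"` contains a space; regenerating the diff from directories named like `redis-5.0.7` and `redis-5.0.7-new` avoids depending on quoted-filename handling in `patch`.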