From 6b578032153c3f8c5699e0a6c43c9aa615eef14b Mon Sep 17 00:00:00 2001
From: yanghuan <673020559@qq.com>
Date: Wed, 18 May 2022 10:05:29 +0800
Subject: [PATCH 1/2] =?UTF-8?q?CVE-2022-24736=E6=BC=8F=E6=B4=9E=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 CVE-2022-24736.patch | 25 +++++++++++++++++++++++++
 redis6.spec | 5 +++++
 2 files changed, 30 insertions(+)
 create mode 100644 CVE-2022-24736.patch
diff --git a/CVE-2022-24736.patch b/CVE-2022-24736.patch
new file mode 100644
index 0000000..de82362
--- /dev/null
+++ b/CVE-2022-24736.patch
@@ -0,0 +1,25 @@
+diff -Naru redis-6.0.11/src/scripting.c redis-6.0.11-new/src/scripting.c
+--- redis-6.0.11/src/scripting.c 2021-02-23 07:35:37.000000000 +0800
++++ redis-6.0.11-new/src/scripting.c 2022-05-17 10:36:53.622415000 +0800
+@@ -624,6 +624,7 @@
+ * command marked as non-deterministic was already called in the context
+ * of this script. */
+ if (cmd->flags & CMD_WRITE) {
++ /* Deny writes if we're unale to persist. */
+ int deny_write_type = writeCommandsDeniedByDiskError();
+ if (server.lua_random_dirty && !server.lua_replicate_commands) {
+ luaPushError(lua,
+@@ -646,6 +647,13 @@
+ sdsfree(aof_write_err);
+ }
+ goto cleanup;
++ } else if (server.masterhost == NULL &&
++ server.repl_min_slaves_max_lag &&
++ server.repl_min_slaves_to_write &&
++ server.repl_good_slaves_count < server.repl_min_slaves_to_write)
++ {
++ luaPushError(lua, shared.noreplicaserr->ptr);
++ goto cleanup;
+ }
+ }
+ 
diff --git a/redis6.spec b/redis6.spec
index 4a8493f..54840d3 100644
--- a/redis6.spec
+++ b/redis6.spec
@@ -28,6 +28,7 @@ Patch0005: CVE-2021-32675.patch
 Patch0006: CVE-2021-41099.patch
 Patch0007: CVE-2021-32762.patch
 Patch0008: fix-help-info.patch
+Patch0009: CVE-2022-24736.patch
 BuildRequires: make gcc
 %if %{with tests}
 BuildRequires: procps-ng tcl
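Review bot: The new CVE-2022-24736.patch carries no upstream commit reference or description, and its only functional change is the `else if` branch added in the second inner hunk of src/scripting.c, which rejects script write commands when `server.repl_good_slaves_count` is below `server.repl_min_slaves_to_write`. That is a replica-count guard on writes, so nothing on this page shows that it is the upstream fix for the CVE named in the file name and changelog; it should be compared with the upstream advisory and fixing commit before the package is recorded as fixed. A header line at the top of the patch file, such as `Upstream-commit: <upstream-commit-url>`, would make the backport auditable. The added comment also misspells "unable" as `unale`, and the enclosing function starts and ends outside both inner hunks.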
@@ -92,6 +93,7 @@ tar -xvf %{SOURCE10} %patch0005 -p1 %patch0006 -p1 %patch0007 -p1 +%patch0009 -p1 %endif %patch0008 -p1 mv ../%{Pname}-doc-%{doc_commit} doc @@ -222,6 +224,9 @@ fi %{_docdir}/%{Pname} %changelog +* Mon May 16 2022 yanghuan - 6.0.11-7 +- Fix CVE-2022-24736 + * Mon Dec 06 2021 caodongxia - 6.0.11-6 - Fix help info -- Gitee From 769a554ccb60caf4ba3f55c10149a38a023fd318 Mon Sep 17 00:00:00 2001 From: yanghuan <673020559@qq.com> Date: Wed, 18 May 2022 10:41:30 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E9=97=A8=E7=A6=81=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- redis6.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redis6.spec b/redis6.spec index 54840d3..0efd7e2 100644 --- a/redis6.spec +++ b/redis6.spec @@ -6,7 +6,7 @@ %global Pname redis Name: redis6 Version: 6.0.11 -Release: 6 +Release: 7 Summary: A persistent key-value database License: BSD and MIT URL: https://redis.io -- Gitee
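Review bot: `%patch0009 -p1` is inserted before the `%endif` that follows `%patch0007 -p1`, so the CVE fix is applied only when the enclosing conditional is true, whereas `%patch0008 -p1` after it is applied unconditionally. The `%if` that opens this block is outside the hunk, so the condition cannot be checked here; if it can be false for any supported build, that build ships without the security patch while the changelog still records `Fix CVE-2022-24736`. Unless the conditional selects the source tree that the patch targets, move the line below `%endif`, next to `%patch0008 -p1`.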