redis: check redis command for taint

Signed-off-by: Steve Bennett <steveb@workware.net.au>
author: Steve Bennett <steveb@workware.net.au> 2021-07-29 15:20:12 +1000
committer: Steve Bennett <steveb@workware.net.au> 2025-07-16 09:34:08 +1000
commit: 6e8ee5b02733d0210131a841658988b07902f09a (patch)
tree: 02ea71763d3adc75c1c1710a8764c5c3794faa1d
parent: 07a005e878eddb95e47ecdf07ffcd0e306cea9f9 (diff)
download: jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.zip
jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.tar.gz
jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.tar.bz2
1 files changed, 5 insertions, 1 deletions
diff --git a/jim-redis.c b/jim-redis.c
index d7e5770..fb16b13 100644
--- a/jim-redis.c
+++ b/jim-redis.c
@@ -135,6 +135,10 @@ static int jim_redis_subcmd(Jim_Interp *interp, int argc, Jim_Obj *const *argv)
             reply = NULL;
         }
     }
+    else if (Jim_GetObjTaint(argv[1]) & JIM_TAINT_ANY) {
+        Jim_SetTaintError(interp, 1, argv);
+        return JIM_ERR;
+    }
     else {
         int nargs = argc - 1;
         args = Jim_Alloc(sizeof(*args) * nargs);
@@ -209,7 +213,7 @@ static int jim_redis_cmd(Jim_Interp *interp, int argc, Jim_Obj *const *argv)
         ret = Jim_GetLong(interp, Jim_GetResult(interp), &fd) == JIM_ERR;
     }
     if (ret != JIM_OK) {
-        Jim_SetResultFormatted(interp, "%#s: not a valid stream handle: %#s", argv[0], argv[1]);
+        Jim_SetResultFormatted(interp, "%#s: not a valid stream handle: %#s", argv[0], argv[1 + async]);
         return ret;
     }
author	Steve Bennett <steveb@workware.net.au>	2021-07-29 15:20:12 +1000
committer	Steve Bennett <steveb@workware.net.au>	2025-07-16 09:34:08 +1000
commit	6e8ee5b02733d0210131a841658988b07902f09a (patch)
tree	02ea71763d3adc75c1c1710a8764c5c3794faa1d
parent	07a005e878eddb95e47ecdf07ffcd0e306cea9f9 (diff)
download	jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.zip jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.tar.gz jimtcl-6e8ee5b02733d0210131a841658988b07902f09a.tar.bz2