From 190e956e0191555dd513b9e8e29fc7d36e70dcb4 Mon Sep 17 00:00:00 2001
From: KIMDONGYEON00 <dongyeonkim2000@gmail.com>
Date: Tue, 15 Jul 2025 01:32:06 +0900
Subject: [PATCH] CVE-2021-32756

---
 third_party/hiredis/hiredis.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/third_party/hiredis/hiredis.c b/third_party/hiredis/hiredis.c
index 67c2185ac..1178e0275 100644
--- a/third_party/hiredis/hiredis.c
+++ b/third_party/hiredis/hiredis.c
@@ -194,6 +194,7 @@ static void *createArrayObject(const redisReadTask *task, size_t elements) {
         return NULL;
 
     if (elements > 0) {
+        if (SIZE_MAX / sizeof(redisReply*) < elements) return NULL;  /* Don't overflow */
         r->element = hi_calloc(elements,sizeof(redisReply*));
         if (r->element == NULL) {
             freeReplyObject(r);