phpredis
diff --git a/‎library.c
Lines changed: 8 additions & 13 deletions b/‎library.c
Lines changed: 8 additions & 13 deletions
diff --git a/‎tests/RedisTest.php
Lines changed: 8 additions & 0 deletions b/‎tests/RedisTest.php
Lines changed: 8 additions & 0 deletions
@@ -3030,27 +3030,22 @@ redis_uncompress(RedisSock *redis_sock, char **dst, size_t *dstlen, const char *
         case REDIS_COMPRESSION_LZF:
 #ifdef HAVE_REDIS_LZF
             {
-                char *data;
-                int i;
+                char *data = NULL;
                 uint32_t res;
+                int i;
 
                 if (len == 0)
                     break;
 
-                /* start from two-times bigger buffer and
-                 * increase it exponentially  if needed */
+                /* Grow our buffer until we succeed or get a non E2BIG error */
                 errno = E2BIG;
                 for (i = 2; errno == E2BIG; i *= 2) {
-                    data = emalloc(i * len);
-                    if ((res = lzf_decompress(src, len, data, i * len)) == 0) {
-                        /* errno != E2BIG will brake for loop */
-                        efree(data);
-                        continue;
+                    data = erealloc(data, len * i);
+                    if ((res = lzf_decompress(src, len, data, len * i)) > 0) {
+                        *dst = data;
+                        *dstlen = res;
+                        return 1;
                     }
-
-                    *dst = data;
-                    *dstlen = res;
-                    return 1;
                 }
 
                 efree(data);
 
@@ -4730,6 +4730,14 @@ public function testCompressionLZF()
         if (!defined('Redis::COMPRESSION_LZF')) {
             $this->markTestSkipped();
         }
+
+        /* Don't crash on improperly compressed LZF data */
+        $payload = 'not-actually-lzf-compressed';
+        $this->redis->set('badlzf', $payload);
+        $this->redis->setOption(Redis::OPT_COMPRESSION, Redis::COMPRESSION_LZF);
+        $this->assertEquals($payload, $this->redis->get('badlzf'));
+        $this->redis->setOption(Redis::OPT_COMPRESSION, Redis::COMPRESSION_NONE);
+
         $this->checkCompression(Redis::COMPRESSION_LZF, 0);
     }
Original file line number	Diff line number	Diff line change
`@@ -4730,6 +4730,14 @@ public function testCompressionLZF()`
`4730`	`4730`	`if (!defined('Redis::COMPRESSION_LZF')) {`
`4731`	`4731`	`$this->markTestSkipped();`
`4732`	`4732`	`}`
	`4733`	`+`
	`4734`	`+ /* Don't crash on improperly compressed LZF data */`
	`4735`	`+ $payload = 'not-actually-lzf-compressed';`
	`4736`	`+ $this->redis->set('badlzf', $payload);`
	`4737`	`+ $this->redis->setOption(Redis::OPT_COMPRESSION, Redis::COMPRESSION_LZF);`
	`4738`	`+ $this->assertEquals($payload, $this->redis->get('badlzf'));`
	`4739`	`+ $this->redis->setOption(Redis::OPT_COMPRESSION, Redis::COMPRESSION_NONE);`
	`4740`	`+`
`4733`	`4741`	`$this->checkCompression(Redis::COMPRESSION_LZF, 0);`
`4734`	`4742`	`}`
`4735`	`4743`