[meta-oe,kirkstone,1/5] redis: fix CVE-2023-41056

diff --git a/meta-oe/recipes-extended/redis/redis-7.0.13/CVE-2023-41056.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/CVE-2023-41056.patch
new file mode 100644
index 0000000000..036e62c8f0
--- /dev/null
+++ b/meta-oe/recipes-extended/redis/redis-7.0.13/CVE-2023-41056.patch
@@ -0,0 +1,63 @@ 
+From e351099e1119fb89496be578f5232c61ce300224 Mon Sep 17 00:00:00 2001
+From: Oran Agra <oran@redislabs.com>
+Date: Sun, 7 Jan 2024 12:32:44 +0200
+Subject: [PATCH] Fix possible corruption in sdsResize (CVE-2023-41056)
+
+#11766 introduced a bug in sdsResize where it could forget to update
+the sds type in the sds header and then cause an overflow in sdsalloc.
+it looks like the only implication of that is a possible assertion in HLL,
+but it's hard to rule out possible heap corruption issues with clientsCronResizeQueryBuffer
+
+CVE: CVE-2023-41056
+
+Upstream-Status: Backport [https://github.com/redis/redis/commit/e351099e1119fb89496be578f5232c61ce300224]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ src/sds.c | 30 ++++++++++++++++--------------
+ 1 file changed, 16 insertions(+), 14 deletions(-)
+
+diff --git a/src/sds.c b/src/sds.c
+index 8e5863a..71490d5 100644
+--- a/src/sds.c
++++ b/src/sds.c
+@@ -348,20 +348,22 @@ sds sdsResize(sds s, size_t size, int would_regrow) {
+      * type. */
+     int use_realloc = (oldtype==type || (type < oldtype && type > SDS_TYPE_8));
+     size_t newlen = use_realloc ? oldhdrlen+size+1 : hdrlen+size+1;
+-    int alloc_already_optimal = 0;
+-    #if defined(USE_JEMALLOC)
+-        /* je_nallocx returns the expected allocation size for the newlen.
+-         * We aim to avoid calling realloc() when using Jemalloc if there is no
+-         * change in the allocation size, as it incurs a cost even if the
+-         * allocation size stays the same. */
+-        alloc_already_optimal = (je_nallocx(newlen, 0) == zmalloc_size(sh));
+-    #endif
+-
+-    if (use_realloc && !alloc_already_optimal) {
+-        newsh = s_realloc(sh, newlen);
+-        if (newsh == NULL) return NULL;
+-        s = (char*)newsh+oldhdrlen;
+-    } else if (!alloc_already_optimal) {
++
++    if (use_realloc) {
++        int alloc_already_optimal = 0;
++        #if defined(USE_JEMALLOC)
++            /* je_nallocx returns the expected allocation size for the newlen.
++             * We aim to avoid calling realloc() when using Jemalloc if there is no
++             * change in the allocation size, as it incurs a cost even if the
++             * allocation size stays the same. */
++            alloc_already_optimal = (je_nallocx(newlen, 0) == zmalloc_size(sh));
++        #endif
++        if (!alloc_already_optimal) {
++            newsh = s_realloc(sh, newlen);
++            if (newsh == NULL) return NULL;
++            s = (char*)newsh+oldhdrlen;
++        }
++    } else {
+         newsh = s_malloc(newlen);
+         if (newsh == NULL) return NULL;
+         memcpy((char*)newsh+hdrlen, s, len);
+-- 
+2.40.0
+
diff --git a/meta-oe/recipes-extended/redis/redis_7.0.13.bb b/meta-oe/recipes-extended/redis/redis_7.0.13.bb
index e88ab4ddf5..dc5f9b7a89 100644
--- a/meta-oe/recipes-extended/redis/redis_7.0.13.bb
+++ b/meta-oe/recipes-extended/redis/redis_7.0.13.bb
@@ -16,6 +16,7 @@  SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
            file://0001-src-Do-not-reset-FINAL_LIBS.patch \
            file://GNU_SOURCE-7.patch \
            file://0006-Define-correct-gregs-for-RISCV32.patch \
+           file://CVE-2023-41056.patch \
            "
 SRC_URI[sha256sum] = "97065774d5fb8388eb0d8913458decfcb167d356e40d31dd01cd30c1cc391673"