Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix panic in storageHandler (#27446) #27479

Merged
merged 1 commit into from
Oct 6, 2023

Conversation

GiteaBot
Copy link
Contributor

@GiteaBot GiteaBot commented Oct 6, 2023

Backport #27446 by @sryze

storageHandler() is written as a middleware but is used as an endpoint handler, and thus next is actually nil, which causes a null pointer dereference when a request URL does not match the pattern (where it calls next.ServerHTTP()).

Example CURL command to trigger the panic:

curl -I "http://yourhost/gitea//avatars/a"

Fixes #27409


Note: the diff looks big but it's actually a small change - all I did was to remove the outer closure (and one level of indentation) and removed the HTTP method and pattern checks as they seem redundant because go-chi already does those checks. You might want to check "Hide whitespace" when reviewing it.

Alternative solution (a bit simpler): append , misc.DummyOK to the route declarations that utilize storageHandler() - this makes it return an empty response when the URL is invalid. I've tested this one and it works too. Or maybe it would be better to return a 400 error in that case (?)

storageHandler() is written as a middleware but is used as an endpoint
handler, and thus `next` is actually `nil`, which causes a null pointer
dereference when a request URL does not match the pattern (where it
calls `next.ServerHTTP()`).

Example CURL command to trigger the panic:

```
curl -I "http://yourhost/gitea//avatars/a"
```

Fixes go-gitea#27409

---

Note: the diff looks big but it's actually a small change - all I did
was to remove the outer closure (and one level of indentation) ~and
removed the HTTP method and pattern checks as they seem redundant
because go-chi already does those checks~. You might want to check "Hide
whitespace" when reviewing it.

Alternative solution (a bit simpler): append `, misc.DummyOK` to the
route declarations that utilize `storageHandler()` - this makes it
return an empty response when the URL is invalid. I've tested this one
and it works too. Or maybe it would be better to return a 400 error in
that case (?)
@GiteaBot GiteaBot added type/bug type/enhancement An improvement of existing functionality labels Oct 6, 2023
@GiteaBot GiteaBot added this to the 1.21.0 milestone Oct 6, 2023
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Oct 6, 2023
@pull-request-size pull-request-size bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 6, 2023
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Oct 6, 2023
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Oct 6, 2023
@silverwind silverwind merged commit 5b670d8 into go-gitea:release/v1.21 Oct 6, 2023
26 checks passed
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Jan 5, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/bug type/enhancement An improvement of existing functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants