Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a nil map pointer in mergeEntity. #7711

Merged
merged 1 commit into from
Oct 22, 2019
Merged

Fix a nil map pointer in mergeEntity. #7711

merged 1 commit into from
Oct 22, 2019

Conversation

ncabatoff
Copy link
Collaborator

@ncabatoff ncabatoff commented Oct 22, 2019
edited
Loading

This was observed to cause a panic during startup in 1.1.3:

 panic: assignment to entry in nil map
 goroutine 116 [running]:
 github.com/hashicorp/vault/vault.(*IdentityStore).mergeEntity(0xc0052aa180, 0x30ebac0, 0xc006b08360, 0xc006b04600, 0xc006af7d40, 0xc006a3f978, 0x1, 0x1, 0x10001, 0x0, ...)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_entities.go:650 +0x23d
 github.com/hashicorp/vault/vault.(*IdentityStore).upsertEntityInTxn(0xc0052aa180, 0x30ebac0, 0xc006b08360, 0xc006b04600, 0xc006af7d40, 0x0, 0x27f2200, 0x0, 0x0)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_util.go:380 +0x9ab
 github.com/hashicorp/vault/vault.(*IdentityStore).upsertEntity(0xc0052aa180, 0x30ebac0, 0xc006b08360, 0xc006af7d40, 0x0, 0x4fcc400, 0x0, 0x0)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_util.go:470 +0xbc
 github.com/hashicorp/vault/vault.(*IdentityStore).loadEntities(0xc0052aa180, 0x30eba00, 0xc000cdc0c0, 0x40c238, 0x20)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_util.go:307 +0x774
 github.com/hashicorp/vault/vault.(*Core).loadIdentityStoreArtifacts.func1(0x30eba00, 0xc000cdc0c0, 0xc0029df240, 0xc0057d42c0)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_util.go:38 +0x56
 github.com/hashicorp/vault/vault.(*Core).loadIdentityStoreArtifacts(0xc0004a8000, 0x30eba00, 0xc000cdc0c0, 0x0, 0x0)
 /gopath/src/github.com/hashicorp/vault/vault/identity_store_util.go:47 +0x17f
 github.com/hashicorp/vault/vault.standardUnsealStrategy.unseal(0x30eba00, 0xc000cdc0c0, 0x3105fe0, 0xc00008efc0, 0xc0004a8000, 0x0, 0x0)
 /gopath/src/github.com/hashicorp/vault/vault/core.go:1499 +0x59f
 github.com/hashicorp/vault/vault.(*Core).postUnseal(0xc0004a8000, 0x30eba00, 0xc000cdc0c0, 0xc000a09e80, 0x30cbd20, 0x5017ce8, 0x0, 0x0)
 /gopath/src/github.com/hashicorp/vault/vault/core.go:1561 +0x2fc
 github.com/hashicorp/vault/vault.(*Core).waitForLeadership(0xc0004a8000, 0xc0006f9500, 0xc000604de0, 0xc00007c540)
 /gopath/src/github.com/hashicorp/vault/vault/ha.go:518 +0xaa3
 github.com/hashicorp/vault/vault.(*Core).runStandby.func7(0xc00058cfaf, 0xc0002128c0)
 /gopath/src/github.com/hashicorp/vault/vault/ha.go:371 +0x45
 github.com/hashicorp/vault/vendor/github.com/oklog/run.(*Group).Run.func1(0xc0006f9560, 0xc00065df50, 0xc00000ae00)
 /gopath/src/github.com/hashicorp/vault/vendor/github.com/oklog/run/group.go:38 +0x27
 created by github.com/hashicorp/vault/vendor/github.com/oklog/run.(*Group).Run
 /gopath/src/github.com/hashicorp/vault/vendor/github.com/oklog/run/group.go:37 +0xbe

@ncabatoff ncabatoff added this to the 1.2.4 milestone Oct 22, 2019
@ncabatoff ncabatoff requested a review from jefferai October 22, 2019 13:27
chrishoffman
chrishoffman previously approved these changes Oct 22, 2019
View reviewed changes
chrishoffman
chrishoffman reviewed Oct 22, 2019
View reviewed changes
vault/identity_store_entities.go
@@ -649,6 +650,9 @@ func (i *IdentityStore) mergeEntity(ctx context.Context, txn *memdb.Txn, toEntit
if ok && !force {
return nil, fmt.Errorf("conflicting MFA config ID %q in entity ID %q", configID, fromEntity.ID)
} else {
if toEntity.MFASecrets == nil {
toEntity.MFASecrets = make(map[string]*mfa.Secret)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should the nil check move up to line 649 when you initially check the key?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not an error/panic to read from a nil map, only to write to one.

@chrishoffman chrishoffman dismissed their stale review October 22, 2019 13:37

Rereviewed.

@ncabatoff ncabatoff merged commit 7db0d2e into master Oct 22, 2019
@ncabatoff ncabatoff deleted the fix-nil-pointer-in-mergeEntity branch October 22, 2019 13:57
ncabatoff added a commit that referenced this pull request Oct 22, 2019
@ncabatoff
Fix a nil map pointer in mergeEntity. (#7711)
46c34b6
briankassouf pushed a commit that referenced this pull request Oct 23, 2019
@ncabatoff @briankassouf
Fix a nil map pointer in mergeEntity. (#7711) (#7712)
5a23aab
catsby added a commit that referenced this pull request Oct 24, 2019
@catsby
Merge branch 'master' into f-template-followups
d5ce465 
* master:
  changelog++
  Update CHANGELOG.md
  Abstract generate-root authentication into the strategy interface (#7698)
  Changelog: clarify enterprise seal migration fix
  changelog++
  Update transit docs to add aes128/p384/p521 information (#7718)
  Show versions that are active when delete_version_after is configured (#7685)
  changelog++
  agent: fix data race on inmemSink's token (#7707)
  Use docker instead of an external LDAP server that sometimes goes down (#7522)
  changelog++
  Fix a nil map pointer in mergeEntity. (#7711)
  changelog++
  TestSysRekey_Verification would fail sometimes when recovery=true (#7710)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrishoffman chrishoffman chrishoffman approved these changes

@jefferai jefferai Awaiting requested review from jefferai

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.2.4-confirmed-backport
Development

Successfully merging this pull request may close these issues.
3 participants
@ncabatoff @chrishoffman @jefferai