Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API: Fix null pointer on not logged in attempt to Sudo #5872

Merged
merged 2 commits into from
Jan 28, 2019
Merged

API: Fix null pointer on not logged in attempt to Sudo #5872

merged 2 commits into from
Jan 28, 2019

Conversation

zeripath
Copy link
Contributor

If you attempt to sudo when you're not logged in the current implementation will cause a null pointer dereference. This PR protects the check to ctx.User with a ctx.IsSigned check preventing this behaviour.

Signed-off-by: Andrew Thornton art27@cantab.net

@zeripath
API: Fix null pointer on not logged in attempt to Sudo
af5c49f 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@techknowlogick techknowlogick added this to the 1.8.0 milestone Jan 27, 2019
@codecov-io
Copy link

codecov-io commented Jan 27, 2019
edited
Loading

Codecov Report

Merging #5872 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #5872      +/-   ##
==========================================
+ Coverage   37.84%   37.85%   +<.01%     
==========================================
  Files         328      328              
  Lines       48326    48326              
==========================================
+ Hits        18290    18292       +2     
+ Misses      27404    27401       -3     
- Partials     2632     2633       +1
Impacted Files Coverage Δ
routers/api/v1/api.go 73.76% <100%> (ø) ⬆️
modules/process/manager.go 76.81% <0%> (-4.35%) ⬇️
modules/sync/unique_queue.go 89.28% <0%> (+10.71%) ⬆️
models/unit.go 14.28% <0%> (+14.28%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5f4a40c...e370217. Read the comment docs.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 27, 2019
@techknowlogick techknowlogick added the modifies/api This PR adds API routes or modifies them label Jan 27, 2019
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 28, 2019
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 28, 2019
@zeripath zeripath merged commit bf47f70 into go-gitea:master Jan 28, 2019
@zeripath zeripath deleted the fix-null-pointer-on-failed-login-with-sudo branch January 28, 2019 16:37
zeripath added a commit to zeripath/gitea that referenced this pull request Jan 28, 2019
@zeripath
API: Fix null pointer in attempt to Sudo if not logged in (Backport g…
355698e 
…o-gitea#5872)

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath mentioned this pull request Jan 28, 2019
Merged
@techknowlogick techknowlogick added the backport/done All backports for this PR have been created label Jan 28, 2019
zeripath added a commit that referenced this pull request Jan 28, 2019
@zeripath
API: Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884
2979953 
)

Backport of #5872 to v1.7

Signed-off-by: Andrew Thornton <art27@cantab.net>
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@adelowo adelowo adelowo approved these changes

@lunny lunny lunny approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them type/bug
Projects
None yet
Milestone
1.8.0
Development

Successfully merging this pull request may close these issues.
6 participants
@zeripath @codecov-io @lunny @adelowo @techknowlogick @GiteaBot