New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

API: Fix null pointer on not logged in attempt to Sudo #5872

Merged
merged 2 commits into from Jan 28, 2019

Conversation

6 participants
@zeripath
Copy link
Contributor

zeripath commented Jan 27, 2019

If you attempt to sudo when you're not logged in the current implementation will cause a null pointer dereference. This PR protects the check to ctx.User with a ctx.IsSigned check preventing this behaviour.

Signed-off-by: Andrew Thornton art27@cantab.net

API: Fix null pointer on not logged in attempt to Sudo
Signed-off-by: Andrew Thornton <art27@cantab.net>
@codecov-io

This comment has been minimized.

Copy link

codecov-io commented Jan 27, 2019

Codecov Report

Merging #5872 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #5872      +/-   ##
==========================================
+ Coverage   37.84%   37.85%   +<.01%     
==========================================
  Files         328      328              
  Lines       48326    48326              
==========================================
+ Hits        18290    18292       +2     
+ Misses      27404    27401       -3     
- Partials     2632     2633       +1
Impacted Files Coverage Δ
routers/api/v1/api.go 73.76% <100%> (ø) ⬆️
modules/process/manager.go 76.81% <0%> (-4.35%) ⬇️
modules/sync/unique_queue.go 89.28% <0%> (+10.71%) ⬆️
models/unit.go 14.28% <0%> (+14.28%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5f4a40c...e370217. Read the comment docs.

@lunny

lunny approved these changes Jan 28, 2019

@GiteaBot GiteaBot added lgtm/need 1 and removed lgtm/need 2 labels Jan 28, 2019

@GiteaBot GiteaBot added lgtm/done and removed lgtm/need 1 labels Jan 28, 2019

@zeripath zeripath merged commit bf47f70 into go-gitea:master Jan 28, 2019

2 checks passed

approvals/lgtm this commit looks good
continuous-integration/drone/pr the build was successful
Details

@zeripath zeripath deleted the zeripath:fix-null-pointer-on-failed-login-with-sudo branch Jan 28, 2019

zeripath added a commit to zeripath/gitea that referenced this pull request Jan 28, 2019

API: Fix null pointer in attempt to Sudo if not logged in (Backport g…
…o-gitea#5872)

Signed-off-by: Andrew Thornton <art27@cantab.net>

zeripath added a commit that referenced this pull request Jan 28, 2019

API: Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884
)

Backport of #5872 to v1.7

Signed-off-by: Andrew Thornton <art27@cantab.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment