Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERROR crashing thread on null json payload (with repro case) #22919

Open
vlussenburg opened this issue Apr 11, 2023 · 1 comment
Open

ERROR crashing thread on null json payload (with repro case) #22919

vlussenburg opened this issue Apr 11, 2023 · 1 comment
Labels
Bug Report/Open Bug report/issue

Comments

@vlussenburg
Copy link

vlussenburg commented Apr 11, 2023
edited

Per Mattermost guidelines, GitHub issues are for bug reports: https://handbook.mattermost.com/contributors/contributors/ways-to-contribute/.

For troubleshooting see: https://forum.mattermost.com/.
For feature proposals see: https://mattermost.com/suggestions/

If you've found a bug--something appears unintentional--please follow these steps:

  1. Confirm you’re filing a new issue. Search existing tickets in Jira to ensure that the ticket does not already exist.

Couldn't find it.

  1. Confirm your issue does not involve security. Otherwise, please see our Responsible Disclosure Policy.

Not a direct security concern, perhaps a Denial of Service would be possible but unlikely.

  1. File a new issue using the format below. Mattermost will confirm steps to reproduce and file in Jira, or ask for more details if there is trouble reproducing it. If there's already an existing bug in Jira, it will be linked back to the GitHub issue so you can track when it gets fixed.

Done (we're in it!).

Summary

Bug report in one concise sentence

For certain payloads, a panic occurs:

{"timestamp":"2023-04-11 14:34:17.064 -07:00","level":"error","msg":"http: panic serving 127.0.0.1:51258: runtime error: invalid memory address or nil pointer dereference\ngoroutine 351410 [running]:\nnet/http.(*conn).serve.func1()\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/net/http/server.go:1854 +0xb0\npanic({0x106d5ae00, 0x108d9fd30})\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/runtime/panic.go:890 +0x248\ngithub.com/mattermost/mattermost-server/v6/model.(*Channel).Auditable(0x0)\n\t/Users/vincentlussenburg/Documents/mattermost-server/model/channel.go:67 +0x68\ngithub.com/mattermost/mattermost-server/v6/server/channels/audit.AddEventParameterAuditable(...)\n\t/Users/vincentlussenburg/Documents/mattermost-server/server/channels/audit/record.go:76\ngithub.com/mattermost/mattermost-server/v6/server/channels/api4.createChannel(0x1400695eaa0, {0x1070a3600, 0x14001e2ec00}, 0x14005c55200)\n\t/Users/vincentlussenburg/Documents/mattermost-server/server/channels/api4/channel.go:91 +0x1dc\ngithub.com/mattermost/mattermost-server/v6/server/channels/web.Handler.ServeHTTP({0x1400009da40, 0x107084810, {0x1076f1af8, 0xd}, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, ...}, ...)\n\t/Users/vincentlussenburg/Documents/mattermost-server/server/channels/web/handlers.go:371 +0x3824\ngithub.com/mattermost/gziphandler.GzipHandlerWithOpts.func1.1({0x1070a4ec0, 0x140023befc0}, 0x140031ce2b0?)\n\t/Users/vincentlussenburg/go/pkg/mod/github.com/mattermost/gziphandler@v0.0.1/gzip.go:343 +0x26c\nnet/http.HandlerFunc.ServeHTTP(0x14005c55100?, {0x1070a4ec0?, 0x140023befc0?}, 0x7dffed57f2?)\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/net/http/server.go:2122 +0x38\ngithub.com/gorilla/mux.(*Router).ServeHTTP(0x14000378000, {0x1070a4ec0, 0x140023befc0}, 0x14005c55000)\n\t/Users/vincentlussenburg/go/pkg/mod/github.com/gorilla/mux@v1.8.0/mux.go:210 +0x19c\nnet/http.serverHandler.ServeHTTP({0x10709fd60?}, {0x1070a4ec0, 0x140023befc0}, 0x14005c55000)\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/net/http/server.go:2936 +0x2c0\nnet/http.(*conn).serve(0x14005c187e0, {0x1070a6968, 0x140022960c0})\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/net/http/server.go:1995 +0x518\ncreated by net/http.(*Server).Serve\n\t/opt/homebrew/Cellar/go/1.20.2/libexec/src/net/http/server.go:3089 +0x4e8","caller":"log/log.go:194","source":"httpserver"}

Steps to reproduce

How can we reproduce the issue (what version are you using?)

master (unreleased) in development mode

curl -XPOST 'http://localhost:8065/api/v4/channels' -H 'content-type: application/json' -H 'authorization: bearer REDACTED' -d null

Any valid json (e.g. {}) doesn't trigger this problem.

Expected behavior

Describe your issue in detail

Expected behavior: error message and status 400

Observed behavior (that appears unintentional)

What did you see happen? Please include relevant error messages and/or screenshots.

Actual behavior:

curl: (52) Empty reply from server

Possible fixes

If you can, link to the line of code that might be responsible for the problem

// AddEventParameterAuditable adds an object that is of type Auditable to the event
func AddEventParameterAuditable(rec *Record, key string, val Auditable) {
	if rec.EventData.Parameters == nil {
		rec.EventData.Parameters = make(map[string]interface{})
	}

	
	rec.EventData.Parameters[key] = val.Auditable()
}

requires a nil check for Auditable val
@vlussenburg vlussenburg changed the title ERROR crashing thread (with repros case) ERROR crashing thread on null json payload (with repro case) Apr 11, 2023
@amyblais
Copy link
Member

Opened https://mattermost.atlassian.net/browse/MM-52131.

@amyblais amyblais added the Bug Report/Open Bug report/issue label Apr 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Report/Open Bug report/issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vlussenburg @amyblais