Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid HEAD request causes 500 Internal Error with panic #17880

Closed
wxiaoguang opened this issue Dec 2, 2021 · 4 comments · Fixed by #17888
Closed

Invalid HEAD request causes 500 Internal Error with panic #17880

wxiaoguang opened this issue Dec 2, 2021 · 4 comments · Fixed by #17888
Labels
issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented type/bug

Comments

@wxiaoguang
Copy link
Contributor

wxiaoguang commented Dec 2, 2021
edited
Loading

Gitea Version

1.16 (or maybe 1.15 also)

Can you reproduce the bug on the Gitea demo site?

Yes

Description

2021/12/02 10:08:04 Started HEAD /website.rar for 150.158.12.71:0
2021/12/02 10:08:04 routers/web/base.go:130:1() [E] PANIC: runtime error: invalid memory address or nil pointer dereference
	/usr/local/go/src/runtime/panic.go:221 (0x44bda6)
	/usr/local/go/src/runtime/signal_unix.go:735 (0x44bd76)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/web/route.go:113 (0x1c7f2a5)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/context/context.go:770 (0x14bcd10)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/web/base.go:169 (0x1e5aeba)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/gitea.com/go-chi/session/session.go:257 (0x128621d)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/public/public.go:42 (0x132b67b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/middleware.go:75 (0x1cb29c1)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/logger.go:23 (0x1cb0564)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/strip.go:30 (0x1cae6b8)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/chi-middleware/proxy/middleware.go:37 (0x1caab76)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/middleware.go:28 (0x1cb2819)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:88 (0x14a9261)
	/Users/xiaoguang/work/gitea/modules/web/route.go:328 (0x1c8210d)
	/usr/local/go/src/net/http/server.go:2878 (0x776cfa)
	/usr/local/go/src/net/http/server.go:1929 (0x772867)
	/usr/local/go/src/runtime/asm_amd64.s:1581 (0x468c80)

~$ curl -v -X HEAD https://try.gitea.io/upload.rar
> HEAD /upload.rar HTTP/2
> Host: try.gitea.io
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/2 500
< content-type: text/html; charset=UTF-8
< date: Thu, 02 Dec 2021 09:32:50 GMT
< set-cookie: i_like_gitea=7397572287ba4645; Path=/; HttpOnly; SameSite=Lax
< set-cookie: _csrf=QZd6RrYkCx62ISmgltdnDZOpivM6MTYzODQzNzU3MDQyOTM5OTk4OA; Path=/; Expires=Fri, 03 Dec 2021 09:32:50 GMT; HttpOnly; SameSite=Lax
< set-cookie: macaron_flash=; Path=/; Max-Age=0; HttpOnly; SameSite=Lax
< x-frame-options: SAMEORIGIN
<
@wxiaoguang wxiaoguang added type/bug issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented labels Dec 2, 2021
@lunny
Copy link
Member

lunny commented Dec 2, 2021

Looks like it's a upstream issue https://github.com/go-chi/chi .

@mscherer
Copy link
Contributor

mscherer commented Dec 2, 2021

For the record, I can't reproduce on 1.15.6

@zeripath
Copy link
Contributor

zeripath commented Dec 2, 2021

This is interesting. After searching the context key should have been set however:

	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed)

Compare with:

	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)

The problem is that the context that get_head looks for is the non v5 version.

We need a v5 version of the middleware.

zeripath added a commit to zeripath/gitea that referenced this issue Dec 2, 2021
@zeripath
Update chi/middleware to chi/v5/middleware
35c78c9 
Fix go-gitea#17880

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath mentioned this issue Dec 2, 2021
Merged
@zeripath
Copy link
Contributor

zeripath commented Dec 2, 2021

Got it!

6543 pushed a commit that referenced this issue Dec 2, 2021
@zeripath @lafriks
Update chi/middleware to chi/v5/middleware (#17888)
957c3fc 
Fix #17880


Co-authored-by: Lauris BH <lauris@nix.lv>
Chianina pushed a commit to Chianina/gitea that referenced this issue Mar 28, 2022
@zeripath @lafriks
Update chi/middleware to chi/v5/middleware (go-gitea#17888)
da1437c 
Fix go-gitea#17880


Co-authored-by: Lauris BH <lauris@nix.lv>
@go-gitea go-gitea locked and limited conversation to collaborators Apr 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented type/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update chi/middleware to chi/v5/middleware zeripath/gitea
4 participants
@lunny @mscherer @zeripath @wxiaoguang