Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] index out of range [0] with length 0 at modules/setting #20316

Closed
secsys-go opened this issue Jul 11, 2022 · 0 comments · Fixed by #20318
Closed

[BUG] index out of range [0] with length 0 at modules/setting #20316

secsys-go opened this issue Jul 11, 2022 · 0 comments · Fixed by #20318
Labels
type/bug

Comments

@secsys-go
Copy link

Description

The function getPostgreSQLConnectionString in modules/setting/database.go parse the dbhost, and it works like:

host, port := parsePostgreSQLHostPort(dbHost)
if host[0] == '/' { // looks like a unix socket
...

but it just split host-string with :. If the provided host-string starts with :, the host will be "", and it will trigger an error like index out of range [0] with length 0

The poc is here:

package main

import "code.gitea.io/gitea/modules/setting"

func main() {
	setting.Database.Type = "postgres"
	setting.Database.Host = ":00000"
	_, _ = setting.DBConnStr()
}

And it crashed as :

panic: runtime error: index out of range [0] with length 0

goroutine 1 [running]:
code.gitea.io/gitea/modules/setting.getPostgreSQLConnectionString({0x744b0d, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x743130, 0x1}, ...)
        /home/zjx/workspace/gowork/src/go-fdg-exmaples/gitea/modules/setting/database.go:158 +0x410
code.gitea.io/gitea/modules/setting.DBConnStr()
        /home/zjx/workspace/gowork/src/go-fdg-exmaples/gitea/modules/setting/database.go:122 +0x5e9
main.main()
        /home/zjx/workspace/gowork/src/go-fdg-exmaples/gitea/modules/setting/pocTest_getPostgreSQL/main.go:8 +0x8a
exit status 2

Gitea Version

with git commit as ee769f7

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

I test the API in Gitea through go-fuzz

Database

No response
Gusted pushed a commit to Gusted/gitea that referenced this issue Jul 11, 2022
Use default values when provided values are empty
372b8f0 
- When provided values are empty like `:3000` would imply that host is
empty, use the default value.
- Resolves go-gitea#20316
@Gusted Gusted mentioned this issue Jul 11, 2022
Merged
lunny added a commit that referenced this issue Jul 13, 2022
@lunny @wxiaoguang
Use default values when provided values are empty (#20318)
b7c6ec9 
* Use default values when provided values are empty

- When provided values are empty like `:3000` would imply that host is
empty, use the default value.
- Resolves #20316

* Update database.go

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
vsysoev pushed a commit to IntegraSDL/gitea that referenced this issue Aug 10, 2022
@lunny @wxiaoguang
Use default values when provided values are empty (go-gitea#20318)
7439959 
* Use default values when provided values are empty

- When provided values are empty like `:3000` would imply that host is
empty, use the default value.
- Resolves go-gitea#20316

* Update database.go

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use default values when provided values are empty Gusted/gitea
1 participant
@secsys-go