Closed sibicramesh closed 4 years ago
/build - automatically fired by gogo with following PRs and commit SHAs v1.0.0
[
{
"project": "",
"component": "enforcerd",
"pr-id": "1551",
"commit-sha": "dc8842341f71ce64692c8184b81a3a97bca94403",
"pipeline": "master"
},
{
"project": "",
"component": "trireme-lib",
"pr-id": "951",
"commit-sha": "9cbbc4d1b9c17c5ba77bca07c0b623d79c09e536",
"pipeline": "master"
}
]
Merging #951 into master will increase coverage by
0.05%
. The diff coverage is100%
.
@@ Coverage Diff @@
## master #951 +/- ##
==========================================
+ Coverage 54.87% 54.92% +0.05%
==========================================
Files 123 123
Lines 11735 11735
==========================================
+ Hits 6439 6445 +6
+ Misses 4674 4671 -3
+ Partials 622 619 -3
Impacted Files | Coverage Δ | |
---|---|---|
controller/pkg/tokens/binaryjwt.go | 63.39% <100%> (+2.67%) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 619a1fd...9cbbc4d. Read the comment docs.
NOTE: This fix only avoids the crash. This doesn't explain why the token was messed up in the first place.
The issue here is the signature position in the token is missing and the check for that was absent. We then proceed to extract the signature from this position in this case will be
0
. So is this panicAdded unit tests to avoid regression.
Full stack here enforcerd.log