Closed 6543 closed 4 years ago
Could you describe steps to reproduce? Note for our future "current", current is currently 1.11.0+dev-153-gfe7a6d9bf
runtime error: slice bounds out of range [:31] with length 2
/usr/lib/go/src/runtime/panic.go:85 (0x42f952)
goPanicSliceAlen: panic(boundsError{x: int64(x), signed: true, y: y, code: boundsSliceAlen})
/home/6543/git/own/gitea/models/ssh_key.go:110 (0xfb6cd8)
parseKeyString: if content[:len(ssh2keyStart)] == ssh2keyStart {
/home/6543/git/own/gitea/models/ssh_key.go:309 (0xfb7fe9)
CheckPublicKeyString: content, err = parseKeyString(content)
/home/6543/git/own/gitea/routers/repo/setting.go:768 (0x128763d)
DeployKeysPost: content, err := models.CheckPublicKeyString(form.Content)
/usr/lib/go/src/reflect/value.go:460 (0x491cc5)
Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
/usr/lib/go/src/reflect/value.go:321 (0x491483)
Value.Call: return v.call("Call", in)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x9a7249)
(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x9a6bf9)
(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x9d6d98)
(*Context).run: vals, err := c.Invoke(c.handler())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x10b9651)
(*Context).Next: c.run()
/home/6543/git/own/gitea/modules/context/panic.go:39 (0x10b963d)
Recovery.func1: ctx.Next()
/usr/lib/go/src/reflect/value.go:460 (0x491cc5)
Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
/usr/lib/go/src/reflect/value.go:321 (0x491483)
Value.Call: return v.call("Call", in)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x9a7249)
(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x9a6bf9)
(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x9d6d98)
(*Context).run: vals, err := c.Invoke(c.handler())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0xa6e9c5)
(*Context).Next: c.run()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/session/session.go:192 (0xa6e9b0)
Sessioner.func1: ctx.Next()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0x9d6c40)
ContextInvoker.Invoke: invoke(params[0].(*Context))
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x9a6f59)
(*injector).fastInvoke: return f.Invoke(in)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x9a6ce8)
(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x9d6d98)
(*Context).run: vals, err := c.Invoke(c.handler())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x9e8439)
(*Context).Next: c.run()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 (0x9e8427)
Recovery.func1: c.Next()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0x9da913)
LoggerInvoker.Invoke: invoke(params[0].(*Context), params[1].(*log.Logger))
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x9a6f59)
(*injector).fastInvoke: return f.Invoke(in)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x9a6ce8)
(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x9d6d98)
(*Context).run: vals, err := c.Invoke(c.handler())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x9e7770)
(*Context).Next: c.run()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/logger.go:52 (0x9e775b)
Logger.func1: ctx.Next()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0x9da913)
LoggerInvoker.Invoke: invoke(params[0].(*Context), params[1].(*log.Logger))
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x9a6f59)
(*injector).fastInvoke: return f.Invoke(in)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x9a6ce8)
(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x9d6d98)
(*Context).run: vals, err := c.Invoke(c.handler())
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/router.go:187 (0x9e9656)
(*Router).Handle.func1: c.run()
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/router.go:303 (0x9e3035)
(*Router).ServeHTTP: h(rw, req, p)
/home/6543/git/own/gitea/vendor/gitea.com/macaron/macaron/macaron.go:220 (0x9dbcaa)
(*Macaron).ServeHTTP: m.Router.ServeHTTP(rw, req)
/home/6543/git/own/gitea/vendor/github.com/gorilla/context/context.go:141 (0xc2840d)
ClearHandler.func1: h.ServeHTTP(w, r)
/usr/lib/go/src/net/http/server.go:2007 (0x752a03)
HandlerFunc.ServeHTTP: f(w, r)
/usr/lib/go/src/net/http/server.go:2802 (0x755e53)
serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
/usr/lib/go/src/net/http/server.go:1890 (0x7517f4)
(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
/usr/lib/go/src/runtime/asm_amd64.s:1357 (0x461090)
goexit: BYTE $0x90 // NOP
It works if the key is valid. It fails to validate the input.
https://qsandbox.com/tools/private-public-keygen
Valid content (doesn't fail):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC67nQGOZlUXELmugesFEMfygXnqTNRIv6rWXdmT5WudNcaX3ARDt7SqLRSPE7w2B3g1L96zhE4p9XcVZGYNsCldDgoGG0e7Ocvffdbi+mAKdeXC7WXmvl/zJEd+qx7WnhW/n19We+rdABNb7ZEdYtL8MD4/LB4WukNsEpDUrn693G6QrqunY5fpZXna7qJ3LvTaxTgbLlydJfdgeDAlpEqgD4FBbmpBoq9fE1RyV13kIXK32Tp+M2cTLHBtusckhReTq89cZDDTdDFgH84qpLK1GcPbNANSRLsmJFf5VgKXr/UNZLzdJBq/vD16Ta4w6CDeVC1MoeTN33vLNd1ICgH qsandbox
@guillep2k yes - I know ... (now) first touhgt was deployment key is like a tocken :()
same same is at http://
-> gitea should not show 500 instead tell the user that it needs a valide ssh key
Afected:
what i would expect: -> gitea tell the user that it needs a valide ssh key
version: current