Error "slice bounds out of range" with LDAP SSH keys #5975
Description
- Gitea version (or commit ref): 0c721fe
I have a LDAP auth source and a user that has no SSH public keys on LDAP. When I add the attribute 'sshPublicKey' to the authentication source, the user can no longer log in on the web interface and the following panic is logged in gitea.log. If I remove the LDAP attribute, the user is again able to log in. I assume that case of empty sshPublicKey result may not be handled properly around user.go:1504.
PANIC:: runtime error: slice bounds out of range
/usr/lib/golang/src/runtime/panic.go:513 (0x42def8)
gopanic: reflectcall(nil, unsafe.Pointer(d.fn), deferArgs(d), uint32(d.siz), uint32(d.siz))
/usr/lib/golang/src/runtime/panic.go:54 (0x42ce69)
panicslice: panic(sliceError)
gitea/models/user.go:1504 (0x100d850)
gitea/models/login_source.go:399 (0xf89dd9)
gitea/models/login_source.go:605 (0xf8afa8)
gitea/models/login_source.go:662 (0xf8b5ec)
gitea/routers/user/auth.go:156 (0x117dd8a)
/usr/lib/golang/src/runtime/asm_amd64.s:523 (0x45c82a)
call64: CALLFN(·call64, 64)
/usr/lib/golang/src/reflect/value.go:447 (0x4c47a3)
Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
/usr/lib/golang/src/reflect/value.go:308 (0x4c4233)
Value.Call: return v.call("Call", in)
gitea/vendor/github.com/go-macaron/inject/inject.go:177 (0x9648b3)
gitea/vendor/github.com/go-macaron/inject/inject.go:137 (0x964219)
gitea/vendor/gopkg.in/macaron.v1/context.go:121 (0x9924a0)
gitea/vendor/gopkg.in/macaron.v1/context.go:112 (0x9923be)
gitea/modules/context/panic.go:40 (0x10b5543)
/usr/lib/golang/src/runtime/asm_amd64.s:522 (0x45c7aa)
call32: CALLFN(·call32, 32)
/usr/lib/golang/src/reflect/value.go:447 (0x4c47a3)
Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
/usr/lib/golang/src/reflect/value.go:308 (0x4c4233)
Value.Call: return v.call("Call", in)
gitea/vendor/github.com/go-macaron/inject/inject.go:177 (0x9648b3)
gitea/vendor/github.com/go-macaron/inject/inject.go:137 (0x964219)
gitea/vendor/gopkg.in/macaron.v1/context.go:121 (0x9924a0)
gitea/vendor/gopkg.in/macaron.v1/context.go:112 (0x9923be)
gitea/vendor/github.com/go-macaron/session/session.go:192 (0x9e681e)
gitea/vendor/gopkg.in/macaron.v1/context.go:79 (0x992340)
gitea/vendor/github.com/go-macaron/inject/inject.go:157 (0x9645a0)
gitea/vendor/github.com/go-macaron/inject/inject.go:135 (0x96430b)
gitea/vendor/gopkg.in/macaron.v1/context.go:121 (0x9924a0)
gitea/vendor/gopkg.in/macaron.v1/context.go:112 (0x9923be)
gitea/vendor/gopkg.in/macaron.v1/recovery.go:161 (0x9a32da)
gitea/vendor/gopkg.in/macaron.v1/logger.go:40 (0x995663)
gitea/vendor/github.com/go-macaron/inject/inject.go:157 (0x9645a0)
gitea/vendor/github.com/go-macaron/inject/inject.go:135 (0x96430b)
gitea/vendor/gopkg.in/macaron.v1/context.go:121 (0x9924a0)
gitea/vendor/gopkg.in/macaron.v1/context.go:112 (0x9923be)
gitea/vendor/gopkg.in/macaron.v1/logger.go:52 (0x9a25f0)
gitea/vendor/gopkg.in/macaron.v1/logger.go:40 (0x995663)
gitea/vendor/github.com/go-macaron/inject/inject.go:157 (0x9645a0)
gitea/vendor/github.com/go-macaron/inject/inject.go:135 (0x96430b)
gitea/vendor/gopkg.in/macaron.v1/context.go:121 (0x9924a0)
gitea/vendor/gopkg.in/macaron.v1/router.go:187 (0x9a44e7)
gitea/vendor/gopkg.in/macaron.v1/router.go:294 (0x99de16)
gitea/vendor/gopkg.in/macaron.v1/macaron.go:220 (0x9969a1)
gitea/vendor/github.com/gorilla/context/context.go:141 (0xe110ea)
/usr/lib/golang/src/net/http/server.go:1964 (0x6c1f33)
HandlerFunc.ServeHTTP: f(w, r)
/usr/lib/golang/src/net/http/server.go:2741 (0x6c4c3a)
serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
/usr/lib/golang/src/net/http/server.go:1847 (0x6c0f95)
(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
/usr/lib/golang/src/runtime/asm_amd64.s:1333 (0x45e4c0)
goexit: BYTE $0x90 // NOP