github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-12 02:24:21 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

Invalid HEAD request causes 500 Internal Error with panic #8203

New Issue
Closed
opened 2025-11-02 07:57:20 -06:00 by GiteaMirror · 4 comments
GiteaMirror commented 2025-11-02 07:57:20 -06:00
Owner
Copy Link

Originally created by @wxiaoguang on GitHub (Dec 2, 2021).

Gitea Version

1.16 (or maybe 1.15 also)

Can you reproduce the bug on the Gitea demo site?

Yes

Description

2021/12/02 10:08:04 Started HEAD /website.rar for 150.158.12.71:0
2021/12/02 10:08:04 routers/web/base.go:130:1() [E] PANIC: runtime error: invalid memory address or nil pointer dereference
	/usr/local/go/src/runtime/panic.go:221 (0x44bda6)
	/usr/local/go/src/runtime/signal_unix.go:735 (0x44bd76)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/web/route.go:113 (0x1c7f2a5)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/context/context.go:770 (0x14bcd10)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/web/base.go:169 (0x1e5aeba)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/gitea.com/go-chi/session/session.go:257 (0x128621d)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/modules/public/public.go:42 (0x132b67b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/middleware.go:75 (0x1cb29c1)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/logger.go:23 (0x1cb0564)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/strip.go:30 (0x1cae6b8)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/chi-middleware/proxy/middleware.go:37 (0x1caab76)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/routers/common/middleware.go:28 (0x1cb2819)
	/usr/local/go/src/net/http/server.go:2046 (0x77378e)
	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:88 (0x14a9261)
	/Users/xiaoguang/work/gitea/modules/web/route.go:328 (0x1c8210d)
	/usr/local/go/src/net/http/server.go:2878 (0x776cfa)
	/usr/local/go/src/net/http/server.go:1929 (0x772867)
	/usr/local/go/src/runtime/asm_amd64.s:1581 (0x468c80)

~$ curl -v -X HEAD https://try.gitea.io/upload.rar
> HEAD /upload.rar HTTP/2
> Host: try.gitea.io
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/2 500
< content-type: text/html; charset=UTF-8
< date: Thu, 02 Dec 2021 09:32:50 GMT
< set-cookie: i_like_gitea=7397572287ba4645; Path=/; HttpOnly; SameSite=Lax
< set-cookie: _csrf=QZd6RrYkCx62ISmgltdnDZOpivM6MTYzODQzNzU3MDQyOTM5OTk4OA; Path=/; Expires=Fri, 03 Dec 2021 09:32:50 GMT; HttpOnly; SameSite=Lax
< set-cookie: macaron_flash=; Path=/; Max-Age=0; HttpOnly; SameSite=Lax
< x-frame-options: SAMEORIGIN
<
Originally created by @wxiaoguang on GitHub (Dec 2, 2021). ### Gitea Version 1.16 (or maybe 1.15 also) ### Can you reproduce the bug on the Gitea demo site? Yes ### Description ``` 2021/12/02 10:08:04 Started HEAD /website.rar for 150.158.12.71:0 2021/12/02 10:08:04 routers/web/base.go:130:1() [E] PANIC: runtime error: invalid memory address or nil pointer dereference /usr/local/go/src/runtime/panic.go:221 (0x44bda6) /usr/local/go/src/runtime/signal_unix.go:735 (0x44bd76) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/modules/web/route.go:113 (0x1c7f2a5) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/modules/context/context.go:770 (0x14bcd10) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/routers/web/base.go:169 (0x1e5aeba) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/gitea.com/go-chi/session/session.go:257 (0x128621d) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/modules/public/public.go:42 (0x132b67b) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:314 (0x14aac5b) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:442 (0x14ab475) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/routers/common/middleware.go:75 (0x1cb29c1) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/routers/common/logger.go:23 (0x1cb0564) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/strip.go:30 (0x1cae6b8) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/chi-middleware/proxy/middleware.go:37 (0x1caab76) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/routers/common/middleware.go:28 (0x1cb2819) /usr/local/go/src/net/http/server.go:2046 (0x77378e) /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:88 (0x14a9261) /Users/xiaoguang/work/gitea/modules/web/route.go:328 (0x1c8210d) /usr/local/go/src/net/http/server.go:2878 (0x776cfa) /usr/local/go/src/net/http/server.go:1929 (0x772867) /usr/local/go/src/runtime/asm_amd64.s:1581 (0x468c80) ``` ``` ~$ curl -v -X HEAD https://try.gitea.io/upload.rar > HEAD /upload.rar HTTP/2 > Host: try.gitea.io > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/2 500 < content-type: text/html; charset=UTF-8 < date: Thu, 02 Dec 2021 09:32:50 GMT < set-cookie: i_like_gitea=7397572287ba4645; Path=/; HttpOnly; SameSite=Lax < set-cookie: _csrf=QZd6RrYkCx62ISmgltdnDZOpivM6MTYzODQzNzU3MDQyOTM5OTk4OA; Path=/; Expires=Fri, 03 Dec 2021 09:32:50 GMT; HttpOnly; SameSite=Lax < set-cookie: macaron_flash=; Path=/; Max-Age=0; HttpOnly; SameSite=Lax < x-frame-options: SAMEORIGIN < ```
GiteaMirror added the issue/confirmedtype/bug labels 2025-11-02 07:57:20 -06:00
GiteaMirror commented 2025-11-02 07:57:21 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Dec 2, 2021):

Looks like it's a upstream issue https://github.com/go-chi/chi .

@lunny commented on GitHub (Dec 2, 2021): Looks like it's a upstream issue https://github.com/go-chi/chi .
GiteaMirror commented 2025-11-02 07:57:21 -06:00
Author
Owner
Copy Link

@mscherer commented on GitHub (Dec 2, 2021):

For the record, I can't reproduce on 1.15.6

@mscherer commented on GitHub (Dec 2, 2021): For the record, I can't reproduce on 1.15.6
GiteaMirror commented 2025-11-02 07:57:22 -06:00
Author
Owner
Copy Link

@zeripath commented on GitHub (Dec 2, 2021):

This is interesting. After searching the context key should have been set however:

	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed)

Compare with:

	/Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac)

The problem is that the context that get_head looks for is the non v5 version.

We need a v5 version of the middleware.

@zeripath commented on GitHub (Dec 2, 2021): This is interesting. After searching the context key should have been set however: ``` /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/middleware/get_head.go:14 (0x1cab5ed) ``` Compare with: ``` /Users/xiaoguang/work/gitea/vendor/github.com/go-chi/chi/v5/mux.go:71 (0x14a92ac) ``` The problem is that the context that get_head looks for is the non v5 version. We need a v5 version of the middleware.
GiteaMirror commented 2025-11-02 07:57:23 -06:00
Author
Owner
Copy Link

@zeripath commented on GitHub (Dec 2, 2021):

Got it!

@zeripath commented on GitHub (Dec 2, 2021): Got it!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label issue/confirmed type/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#8203
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?