From bcd29f2b681f88ff8a396da774c344e0f0ba2b0f Mon Sep 17 00:00:00 2001 From: "Anthony (Ryo) Wright" <43687737+ryowright@users.noreply.github.com> Date: Mon, 6 Dec 2021 09:38:53 -0800 Subject: [PATCH] Fix null token type bug (#13236) * Fixed null token panic from 'v1/auth/token/' endpoints and returned proper error response * Fixed panic resulting from null token_type in /auth/token/roles/{role_name} to returne proper error response * added changelog entry for PR #13236 * edit changelog entry for PR #13236 --- changelog/13236.txt | 3 +++ vault/request_handling.go | 3 +++ vault/token_store.go | 3 +++ 3 files changed, 9 insertions(+) create mode 100644 changelog/13236.txt diff --git a/changelog/13236.txt b/changelog/13236.txt new file mode 100644 index 000000000..568f02145 --- /dev/null +++ b/changelog/13236.txt @@ -0,0 +1,3 @@ +```release-note:bug +core/token: Fix null token_type panic resulting from 'v1/auth/token/roles/{role_name}' endpoint +``` \ No newline at end of file diff --git a/vault/request_handling.go b/vault/request_handling.go index 3a1bdb987..d2c7bacfd 100644 --- a/vault/request_handling.go +++ b/vault/request_handling.go @@ -543,6 +543,9 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request } break } + if token == nil { + return logical.ErrorResponse("bad token"), logical.ErrPermissionDenied + } _, nsID := namespace.SplitIDFromString(token.(string)) if nsID != "" { ns, err := NamespaceByID(ctx, nsID, c) diff --git a/vault/token_store.go b/vault/token_store.go index 7be8cbbfc..e7faa50e2 100644 --- a/vault/token_store.go +++ b/vault/token_store.go @@ -3348,6 +3348,9 @@ func (ts *TokenStore) tokenStoreRoleCreateUpdate(ctx context.Context, req *logic oldEntryTokenType := entry.TokenType if tokenTypeRaw, ok := data.Raw["token_type"]; ok { tokenTypeStr = new(string) + if tokenTypeRaw == nil { + return logical.ErrorResponse("Invalid 'token_type' value: null"), nil + } *tokenTypeStr = tokenTypeRaw.(string) delete(data.Raw, "token_type") entry.TokenType = logical.TokenTypeDefault