From c74c057bdbf5de6896bda886313268a8b9fe0f2f Mon Sep 17 00:00:00 2001
From: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
Date: Fri, 3 Feb 2023 09:51:10 -0500
Subject: [PATCH] fix sys/leases panic when lease_id is nil (#18951)

* fix sys/leases panic when lease_id is nil

* add changelog entry
---
 changelog/18951.txt       | 3 +++
 vault/request_handling.go | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 changelog/18951.txt

diff --git a/changelog/18951.txt b/changelog/18951.txt
new file mode 100644
index 000000000..9617c0d49
--- /dev/null
+++ b/changelog/18951.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+core: Prevent panics in `sys/leases/lookup`, `sys/leases/revoke`, and `sys/leases/renew` endpoints if provided `lease_id` is null
+```
diff --git a/vault/request_handling.go b/vault/request_handling.go
index c31d543eb..1d56d488a 100644
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@@ -632,7 +632,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request
 		case "sys/leases/lookup", "sys/leases/renew", "sys/leases/revoke", "sys/leases/revoke-force":
 			leaseID, ok := req.Data["lease_id"]
 			// If lease ID is not present, break out and let the backend handle the error
-			if !ok {
+			if !ok || leaseID == nil {
 				break
 			}
 			_, nsID := namespace.SplitIDFromString(leaseID.(string))