Skip to content

GitLab

  • Menu
Projects Groups Snippets
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • G gitlabhq1
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 21
    • Issues 21
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 12
    • Merge requests 12
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Infrastructure Registry
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • gpt
  • large_projects
  • gitlabhq1
  • Issues
  • #3105

Closed
Open
Created Feb 27, 2013 by Administrator@rootOwner

500 error in grack_auth.rb current_ref on push of pack file

Created by: olirogers

Hi,

I am getting a 500 error from grack_auth.rb in the "production.log":

ArgumentError (invalid byte sequence in UTF-8):
lib/gitlab/backend/grack_auth.rb:84:in `match'
lib/gitlab/backend/grack_auth.rb:84:in `current_ref'
lib/gitlab/backend/grack_auth.rb:60:in `validate_post_request'
lib/gitlab/backend/grack_auth.rb:46:in `valid?'
lib/gitlab/backend/grack_auth.rb:21:in `call'

I think this is something to do with the regular expression operating in UTF-8 over the binary data in the commit.

I removed the code:

action = if project.protected_branch?(current_ref)
                   :push_code_to_protected_branches
                 else
                   :push_code
                 end

and replaced with:

action = :push_code

and this makes the push perform successfully. Obviously we now have no validation on whether the user can push to the protected branches.

What is the best way to sanitize this input to find the branch we are pushing to and enable this check again?

Thanks and regards,

Oli

Assignee
Assign to
Time tracking