mirror of
https://github.com/infiniflow/ragflow.git
synced 2026-07-06 03:18:36 +08:00
fix(go): guard four nil-pointer dereferences causing runtime panics (#15815)
### What problem does this PR solve? Fixes four Go paths that dereference a pointer with no prior nil check, each causing a **runtime panic**. Closes #15814. | # | File | Bug | Fix | |---|------|-----|-----| | 1 | `internal/entity/models/deepseek.go` | streaming path runs `switch *chatModelConfig.Effort` inside `if *Thinking`; panics when `Thinking=true` and `Effort==nil` | nil-check with default `"high"`, matching the non-streaming path in the same file | | 2 | `internal/entity/models/volcengine.go` | identical oversight: `switch *modelConfig.Effort` with no guard | nil-check with default `"medium"`, matching its non-streaming path | | 3 | `internal/handler/auth.go` | `AuthMiddleware` does `if *user.IsSuperuser`; panics on every authenticated request when the DB column is `NULL` | guard with `user.IsSuperuser != nil &&`, matching every other call site (`admin/handler.go`, `admin/service.go`, `user.go`) | | 4 | `internal/service/heartbeat_sender.go` | `responseBody["code"].(float64)` panics on any non-200 response lacking a numeric `code`; the upstream `recover()` calls `Fatal()` → `os.Exit(1)`, taking down the whole server | comma-ok assertion (`code, ok := ...`); return an error instead of panicking | - [x] Bug Fix (non-breaking change which fixes an issue)
This commit is contained in:
@@ -66,7 +66,7 @@ func (h *AuthHandler) AuthMiddleware() gin.HandlerFunc {
|
||||
}
|
||||
}
|
||||
|
||||
if *user.IsSuperuser {
|
||||
if user.IsSuperuser != nil && *user.IsSuperuser {
|
||||
c.JSON(http.StatusForbidden, gin.H{
|
||||
"code": common.CodeForbidden,
|
||||
"message": "Super user shouldn't access the URL",
|
||||
|
||||
@@ -126,7 +126,11 @@ func (h *HeartbeatSender) SendHeartbeat() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
responseCode := common.ErrorCode(responseBody["code"].(float64))
|
||||
code, ok := responseBody["code"].(float64)
|
||||
if !ok {
|
||||
return fmt.Errorf("unexpected heartbeat response (status %d): missing or non-numeric \"code\" field", resp.StatusCode)
|
||||
}
|
||||
responseCode := common.ErrorCode(code)
|
||||
if responseCode != common.CodeLicenseValid {
|
||||
return errors.New(responseCode.Message())
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user