GPG commit validation causes nil pointer dereference in API

- Gitea version: master @ 6a451a2
- Git version: 2.11.1
- Operating system: Alpine Linux 3.5
- Database:
  - [ ] PostgreSQL
  - [ ] MySQL
  - [ ] MSSQL
  - [x] SQLite
- Can you reproduce the bug at https://try.gitea.io:
  - [x] Yes `curl -v --header "Authorization: token d716e7f20bbcbf59f9a4cf9e6e2564b6152a8b7d" https://try.gitea.io/api/v1/repos/test/test01/branches`
  - [ ] No
  - [ ] Not relevant
- Log gist: https://gist.github.com/cybe/c783b0daece41e09be55adac8d7e1bfd

## Description

Since the introduction of the GPG commit validation feature in commit 14fe901, getting branch information through the API causes a nil pointer dereference for unsigned commits.

The originating cause is located in [routers/api/v1/convert/convert.go](https://github.com/go-gitea/gitea/commit/14fe9010ae8aecc0bcd38059b4c71256524b5341#diff-f171ec9d08bac9e0533c08650a94416e). Because the commit is not signed (`verif.Verified` is `false`), `c.Signature` is not initialized and cause the error.

There needs to be an appropriate safe guard for unsigned commits.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

GPG commit validation causes nil pointer dereference in API #1383

Description

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

GPG commit validation causes nil pointer dereference in API #1383

Description

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions