[v15.0/forgejo] fix: continued API response processing after error in /repos/search API (#12147)

**Backport:** https://codeberg.org/forgejo/forgejo/pulls/12143 Prevent continued execution of some APIs with error responses that didn't correctly interrupt execution, resulting in bizarre outputs and possibly leaking secure data: ``` > GET /api/v1/repos/search?uid=-2&archived=false HTTP/2 > Host: example.org > user-agent: curl/7.88.1 > accept: */* > authorization: bearer *** > < HTTP/2 500 < server: nginx < date: Thu, 16 Apr 2026 14:20:09 GMT < content-type: application/json;charset=utf-8 < cache-control: max-age=0, private, must-revalidate, no-transform < x-content-type-options: nosniff < x-frame-options: SAMEORIGIN < {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"message":"","url":"https://example.org/api/swagger"} {"ok":true,"data":[{"id":68,"owner":{"id":1,"login":"mfenniak", ... ``` As these errors only occur on situations that shouldn't be reproducible (minus software bugs), test automation isn't practical. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests for Go changes - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I ran... - [ ] `make pr-go` before pushing ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change. - [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change. Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12147 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
2026-05-12 22:10:25 +00:00 · 2026-04-16 19:05:38 +02:00 · 2026-04-16 19:05:38 +02:00 · b7319ea4a6
commit b7319ea4a6
parent f25747d0f6
3 changed files with 5 additions and 0 deletions
--- a/routers/api/v1/org/team.go
+++ b/routers/api/v1/org/team.go
@ -591,6 +591,7 @@ func GetTeamRepos(ctx *context.APIContext) {
 			// Due to the pagination of the API it doesn't make sense to skip it, as we wouldn't be giving the right
 			// number of results back to the API consumer.
 			ctx.Error(http.StatusInternalServerError, "InvalidAuthorizationReducer", "Repository was available from GetTeamRepositories, but not readable.")
+			return
 		}
 		repos[i] = convert.ToRepo(ctx, repo, permission)
 	}
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@ -234,11 +234,13 @@ func Search(ctx *context.APIContext) {
 				OK:    false,
 				Error: err.Error(),
 			})
+			return
 		} else if !permission.HasAccess() {
 			// It shouldn't happen that a repo is returned from GetTeamRepositories which we have no access to at all.
 			// Due to the pagination of the API it doesn't make sense to skip it, as we wouldn't be giving the right
 			// number of results back to the API consumer.
 			ctx.Error(http.StatusInternalServerError, "InvalidAuthorizationReducer", "Repository was available from SearchRepository, but not readable.")
+			return
 		}

 		results[i] = convert.ToRepo(ctx, repo, permission)
--- a/routers/api/v1/user/repo.go
+++ b/routers/api/v1/user/repo.go
@ -153,11 +153,13 @@ func ListMyRepos(ctx *context.APIContext) {
 		permission, err := access_model.GetUserRepoPermissionWithReducer(ctx, repo, ctx.Doer, ctx.Reducer)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "GetUserRepoPermissionWithReducer", err)
+			return
 		} else if !permission.HasAccess() {
 			// It shouldn't happen that a repo is returned from SearchRepository which we have no access to at all. Due
 			// to the pagination of the API it doesn't make sense to skip it, as we wouldn't be giving the right number
 			// of results back to the API consumer.
 			ctx.Error(http.StatusInternalServerError, "InvalidAuthorizationReducer", "Repository was available from SearchRepository, but not readable.")
+			return
 		}
 		results[i] = convert.ToRepo(ctx, repo, permission)
 	}