From cf042068b5f69b416640f9a4fcb21fbec1082268 Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Thu, 30 Mar 2017 15:41:51 +0200
Subject: [PATCH] Do not allow registry requests for invalid repositories

---
 .../auth/container_registry_authentication_service.rb         | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index 839f514ad58..dcb728b6151 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -64,6 +64,10 @@ module Auth
     end
 
     def process_repository_access(type, path, actions)
+      # TODO, add specs for invalid paths
+      #
+      return unless path.valid?
+
       requested_project = path.repository_project
 
       return unless requested_project
-- 
GitLab