Fix nil pointer dereference in pullImage for public registries#133
Fix nil pointer dereference in pullImage for public registries#133ddjain wants to merge 5 commits intokrkn-chaos:mainfrom
pullImage for public registries#133Conversation
…mit (krkn-chaos#124) Signed-off-by: ddjain <darjain@redhat.com>
…chaos#132) Signed-off-by: ddjain <darjain@redhat.com> Made-with: Cursor
Review Summary by QodoFix nil pointer dereference in pullImage for public registries
WalkthroughsDescription• Fix nil pointer dereference when pulling images from public registries • Add nil check before dereferencing registryAuth pointer • Prevents panic when using --private-registry flag without auth credentials Diagramflowchart LR
A["pullImage called<br/>with registry"] --> B["ToDockerV2AuthString<br/>returns nil, nil"]
B --> C["Check if registryAuth<br/>is not nil"]
C --> D["Safely dereference<br/>or skip assignment"]
D --> E["ImagePull succeeds<br/>without panic"]
File Changes1. pkg/scenarioorchestrator/docker/scenario_orchestrator.go
|
Code Review by Qodo
|
| if registryAuth != nil { | ||
| pullOptions.RegistryAuth = *registryAuth | ||
| } |
There was a problem hiding this comment.
1. Nil password panic path 🐞 Bug ≡ Correctness
RegistryV2.ToDockerV2AuthString() can still panic by dereferencing r.Password when r.Username is set but r.Password is nil, so krknctl can still crash in private-registry mode despite the new registryAuth nil-check. This can happen because CLI parsing allows setting --private-registry-username without requiring --private-registry-password.
Agent Prompt
### Issue description
`RegistryV2.ToDockerV2AuthString()` dereferences `*r.Password` when `r.Username != nil`, which can panic if the password was not provided (nil pointer). This leaves a remaining crash path in private registry flows.
### Issue Context
`parsePrivateRepoArgs` can set `registrySettings.Username` without setting `registrySettings.Password` (e.g., user supplies `--private-registry-username` but omits `--private-registry-password`). `pullImage` calls `ToDockerV2AuthString()` when `registry != nil`.
### Fix Focus Areas
- pkg/provider/models/models.go[104-115]
- cmd/utils.go[144-158]
### Implementation notes
- In `ToDockerV2AuthString`, avoid dereferencing `r.Password` without a nil check. Either:
- Treat missing password as empty string (`""`) and continue, or
- Return a clear error requiring both username and password.
- Optionally enforce `--private-registry-username` and `--private-registry-password` to be provided together (or validate early and return an error message).
ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
Fixes #132
Problem
krknctl runpanics when using--private-registrywith a public repository (no auth credentials provided).ToDockerV2AuthString()returns(nil, nil)when no credentials are set, andpullImagedereferences the nil pointer unconditionally:Fix
Added a nil check before dereferencing
registryAuth:Testing
Verified locally --
krknctl runwith--private-registryand no auth flags now pulls the image and executes the scenario successfully.