#6163: Fix panic when SSO_MASTER_PASSWORD_POLICY is non-json

3 weeks ago · 1d3c0d4d9c
1 changed files with 8 additions and 1 deletions
--- a/src/api/mod.rs
+++ b/src/api/mod.rs
@ -111,7 +111,14 @@ async fn master_password_policy(user: &User, conn: &DbConn) -> Value {
            }
        }))
    } else if let Some(policy_str) = CONFIG.sso_master_password_policy().filter(|_| CONFIG.sso_enabled()) {
-        serde_json::from_str(&policy_str).unwrap_or(json!({}))
+        // Use a match statement to handle Ok and Err results gracefully.
+        match serde_json::from_str(&policy_str) {
+            Ok(val) => val,
+            Err(_) => {
+                warn!("Failed to parse sso_master_password_policy configuration string: {}", policy_str);
+                json!({})
+            },
+        }
    } else {
        json!({})
    };