From 43ab0acb522c23792edd8f6b0aeadcf466d25524 Mon Sep 17 00:00:00 2001
From: Ishank Arora <ishank011@gmail.com>
Date: Wed, 30 Mar 2022 14:20:40 +0200
Subject: [PATCH] Handle panic in ParseEntry

---
 pkg/storage/utils/acl/acl.go | 32 ++++++++++++++++++--------------
 1 file changed, 18 insertions(+), 14 deletions(-)

diff --git a/pkg/storage/utils/acl/acl.go b/pkg/storage/utils/acl/acl.go
index 802bcf3a1a..e678aeb8de 100644
--- a/pkg/storage/utils/acl/acl.go
+++ b/pkg/storage/utils/acl/acl.go
@@ -124,22 +124,26 @@ type Entry struct {
 // ParseEntry parses a single ACL
 func ParseEntry(singleSysACL string) (*Entry, error) {
 	tokens := strings.Split(singleSysACL, ":")
-	if len(tokens) != 3 {
-		if len(tokens) == 2 {
-			// The ACL entries might be stored as type:qualifier=permissions
-			// Handle that case separately
-			parts := (strings.Split(tokens[1], "="))
-			tokens = []string{tokens[0], parts[0], parts[1]}
-		} else {
-			return nil, errInvalidACL
+	switch len(tokens) {
+	case 2:
+		// The ACL entries might be stored as type:qualifier=permissions
+		// Handle that case separately
+		parts := strings.SplitN(tokens[1], "=", 2)
+		if len(parts) == 2 {
+			return &Entry{
+				Type:        tokens[0],
+				Qualifier:   parts[0],
+				Permissions: parts[1],
+			}, nil
 		}
+	case 3:
+		return &Entry{
+			Type:        tokens[0],
+			Qualifier:   tokens[1],
+			Permissions: tokens[2],
+		}, nil
 	}
-
-	return &Entry{
-		Type:        tokens[0],
-		Qualifier:   tokens[1],
-		Permissions: tokens[2],
-	}, nil
+	return nil, errInvalidACL
 }
 
 // ParseLWEntry parses a single lightweight ACL