LOW 3.5

GHSA-4j89-2c4f-44c6

Gogs has DoS in rendering issue index pattern

Details

### Summary

A specially crafted issue index pattern template may cause a panic.

### Details

In `internal/markup/markup.go`:

```go
link = fmt.Sprintf(`<a href="%s">%s</a>`, com.Expand(metas["format"], metas), m)
```

The issue index pattern is rendered to a link with `com.Expand`.

However, `com.Expand` is not safe.

```go
i = strings.Index(template, "}")
if s, ok := match[template[:i]]; ok {
```

When `{` is found but `}` is not, `i` becomes -1, so `template[:-1]` is evaluated and the code panics.

![image](https://user-images.githubusercontent.com/38121125/285883766-64873c44-d325-44ce-96a8-badbaadab178.png)

As a result, all pages that contain an issue index are unavailable.
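One way to guard this expansion, as an added example (not code from Gogs or the `com` library, and not the fix shipped in 0.14.3): the slice is taken only after the result of `strings.Index` has been checked. `safeExpand`, `ErrUnclosedBrace`, the metadata keys and the `tracker.example` patterns are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var ErrUnclosedBrace = errors.New("unclosed '{' in template")

// safeExpand (hypothetical helper) replaces each {key} in template with
// match[key]; unknown keys are written back verbatim.
func safeExpand(template string, match map[string]string) (string, error) {
	var b strings.Builder
	for {
		open := strings.Index(template, "{")
		if open < 0 {
			break
		}
		b.WriteString(template[:open])
		rest := template[open+1:]
		end := strings.Index(rest, "}")
		if end < 0 {
			// The unchecked case: slicing with -1 here is what panics.
			return "", ErrUnclosedBrace
		}
		key := rest[:end]
		if v, ok := match[key]; ok {
			b.WriteString(v)
		} else {
			b.WriteString("{" + key + "}")
		}
		template = rest[end+1:]
	}
	b.WriteString(template)
	return b.String(), nil
}

func main() {
	// Constructed sample metadata and patterns (assumptions for this example).
	metas := map[string]string{"user": "alice", "repo": "demo", "index": "1"}
	for _, p := range []string{
		"https://tracker.example/{user}/{repo}/issues/{index}",
		"https://tracker.example/issues/{index",
	} {
		out, err := safeExpand(p, metas)
		fmt.Printf("%q -> %q, err=%v\n", p, out, err)
	}
}
```

Returning an error lets the caller reject the pattern when it is saved, or fall back to plain text at render time, instead of failing the whole page.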

### PoC

1. Set the issue index pattern as follows:

![image](https://user-images.githubusercontent.com/38121125/285878157-c5fe848e-0fbd-4fdb-92d4-5eb01df2b8ca.png)

2. Add a commit whose message references an issue:

![image](https://user-images.githubusercontent.com/38121125/285879545-bc360503-49b9-453f-aa24-9a5c5a45cf10.png)

The commit message above uses `#1`.

### Impact

DoS that makes some pages of the specific repository unavailable.

Affected packages

Go / gogs.io/gogs
First affected version: 0; fixed version: 0.14.3
Fix: `go get gogs.io/gogs@v0.14.3`

References