How to debug gitlab source code, about cve-2021-22205

I am currently working on cve-2021-22205 (gitlab rce). I know that gitlab uploads files through gitlab-workhorse. I now want to debug the source code of gitlab-workhorse or gitlab. I want to know why gitlab does not verify the permission to upload files, but I am not familiar with them, and I have searched a lot on the Internet. The information does not explain in detail how to debug gitlab-workhorse or gitlab. I want to ask for your help. thanks. You can refer to this article

1 Like