diff options
Diffstat (limited to '')
| -rw-r--r-- | src/network/netdev/wireguard.c | 16 | ||||
| -rw-r--r-- | test/fuzz/fuzz-netdev-parser/oss-fuzz-14157 | 5 | ||||
| -rw-r--r-- | test/fuzz/fuzz-netdev-parser/oss-fuzz-14158 | 5 |
3 files changed, 15 insertions, 11 deletions
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c index 5aa10fc4de..7959c1c01f 100644 --- a/src/network/netdev/wireguard.c +++ b/src/network/netdev/wireguard.c @@ -498,24 +498,18 @@ static int wireguard_decode_key_and_warn( (void) warn_file_is_world_accessible(filename, NULL, unit, line); r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, + if (r < 0) + return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode wireguard key provided by %s=, ignoring assignment: %m", lvalue); - goto finalize; - } if (len != WG_KEY_LEN) { - log_syntax(unit, LOG_ERR, filename, line, 0, + explicit_bzero_safe(key, len); + return log_syntax(unit, LOG_ERR, filename, line, 0, "Wireguard key provided by %s= has invalid length (%zu bytes), ignoring assignment.", lvalue, len); - goto finalize; } memcpy(ret, key, WG_KEY_LEN); - r = 0; - -finalize: - explicit_bzero_safe(key, len); - return r; + return 0; } int config_parse_wireguard_private_key( diff --git a/test/fuzz/fuzz-netdev-parser/oss-fuzz-14157 b/test/fuzz/fuzz-netdev-parser/oss-fuzz-14157 new file mode 100644 index 0000000000..d3a65e1fed --- /dev/null +++ b/test/fuzz/fuzz-netdev-parser/oss-fuzz-14157 @@ -0,0 +1,5 @@ +[NetDev] +Name=w +Kind=wireguard +[WireGuardPeer] +PublicKey=e
\ No newline at end of file diff --git a/test/fuzz/fuzz-netdev-parser/oss-fuzz-14158 b/test/fuzz/fuzz-netdev-parser/oss-fuzz-14158 new file mode 100644 index 0000000000..6f6bf723b4 --- /dev/null +++ b/test/fuzz/fuzz-netdev-parser/oss-fuzz-14158 @@ -0,0 +1,5 @@ +[NetDev] +Name=w +Kind=wireguard +[WireGuard] +PrivateKey=E
\ No newline at end of file |