network: fix use-of-uninitialized-value or null dereference

This fixes a bug introduced by 6ef5c881dd5568f08dc35013e24f7d857f36b207.

Fixes oss-fuzz#14157 and oss-fuzz#14158.

1 files changed, 5 insertions, 11 deletions

diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 5aa10fc4de..7959c1c01f 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -498,24 +498,18 @@ static int wireguard_decode_key_and_warn(
                 (void) warn_file_is_world_accessible(filename, NULL, unit, line);
 
         r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
-        if (r < 0) {
-                log_syntax(unit, LOG_ERR, filename, line, r,
+        if (r < 0)
+                return log_syntax(unit, LOG_ERR, filename, line, r,
                            "Failed to decode wireguard key provided by %s=, ignoring assignment: %m", lvalue);
-                goto finalize;
-        }
         if (len != WG_KEY_LEN) {
-                log_syntax(unit, LOG_ERR, filename, line, 0,
+                explicit_bzero_safe(key, len);
+                return log_syntax(unit, LOG_ERR, filename, line, 0,
                            "Wireguard key provided by %s= has invalid length (%zu bytes), ignoring assignment.",
                            lvalue, len);
-                goto finalize;
         }
 
         memcpy(ret, key, WG_KEY_LEN);
-        r = 0;
-
-finalize:
-        explicit_bzero_safe(key, len);
-        return r;
+        return 0;
 }
 
 int config_parse_wireguard_private_key(