1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

network: set maximum length to be read by read_full_file_full()

Fixes #29264 and oss-fuzz#62556
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62556).
This commit is contained in:
Yu Watanabe 2023-10-02 10:28:55 +09:00
parent 7e2a5fbd85
commit 4ed95fafad
3 changed files with 13 additions and 5 deletions

View File

@ -959,15 +959,19 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) {
return 0;
r = read_full_file_full(
AT_FDCWD, sa->key_file, UINT64_MAX, SIZE_MAX,
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
AT_FDCWD, sa->key_file, UINT64_MAX, MACSEC_KEYID_LEN,
READ_FULL_FILE_SECURE |
READ_FULL_FILE_UNHEX |
READ_FULL_FILE_WARN_WORLD_READABLE |
READ_FULL_FILE_CONNECT_SOCKET |
READ_FULL_FILE_FAIL_WHEN_LARGER,
NULL, (char **) &key, &key_len);
if (r < 0)
return log_netdev_error_errno(netdev, r,
"Failed to read key from '%s', ignoring: %m",
sa->key_file);
if (key_len != 16)
if (key_len != MACSEC_KEYID_LEN)
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"Invalid key length (%zu bytes), ignoring: %m", key_len);

View File

@ -1037,8 +1037,12 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
assert(dest);
r = read_full_file_full(
AT_FDCWD, filename, UINT64_MAX, SIZE_MAX,
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
AT_FDCWD, filename, UINT64_MAX, WG_KEY_LEN,
READ_FULL_FILE_SECURE |
READ_FULL_FILE_UNBASE64 |
READ_FULL_FILE_WARN_WORLD_READABLE |
READ_FULL_FILE_CONNECT_SOCKET |
READ_FULL_FILE_FAIL_WHEN_LARGER,
NULL, &key, &key_len);
if (r < 0)
return r;

Binary file not shown.