wireguard: prevent stacksmashing on poorly formed base64 keys

Integer math on 32 bytes of base64 data might yield 33 bytes
of data in some poorly formed user input of private key values.
Rather than smashing the stack (detected) and aborting, simply
allow for the possible yet irrelevant 33-rd byte of data.

Type: fix
Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Change-Id: I42acfbf3e8fbb3d517e21c53d4f80459d4800e9d
Signed-off-by: Jon Loeliger <jdl@netgate.com>

diff --git a/src/plugins/wireguard/wireguard_cli.c b/src/plugins/wireguard/wireguard_cli.c
index 5e0b724..02c2e39 100644 (file)
--- a/src/plugins/wireguard/wireguard_cli.c
+++ b/src/plugins/wireguard/wireguard_cli.c
@@ -25,7 +25,7 @@ wg_if_create_cli (vlib_main_t * vm,
 {
   wg_main_t *wmp = &wg_main;
   unformat_input_t _line_input, *line_input = &_line_input;
-  u8 private_key[NOISE_PUBLIC_KEY_LEN];
+  u8 private_key[NOISE_PUBLIC_KEY_LEN + 1];
   u32 instance, sw_if_index;
   ip_address_t src_ip;
   clib_error_t *error;