From 4c00458e99df7c5e0a0b1e62dcaab8c90f6e4ed2 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Wed, 31 Jul 2024 23:38:25 +0200
Subject: [PATCH] core/exec-credential: emit correct error on invalid cred
 source

The (!source && !search_path) branch is effectively not reached,
but rather confusing. Let's return -EINVAL properly.
---
 src/core/exec-credential.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/core/exec-credential.c b/src/core/exec-credential.c
index e06fc21c315..695c820f9c8 100644
--- a/src/core/exec-credential.c
+++ b/src/core/exec-credential.c
@@ -547,10 +547,10 @@ static int load_credential(
 
         ReadFullFileFlags flags = READ_FULL_FILE_SECURE|READ_FULL_FILE_FAIL_WHEN_LARGER;
         _cleanup_strv_free_ char **search_path = NULL;
-        _cleanup_(erase_and_freep) char *data = NULL;
         _cleanup_free_ char *bindname = NULL;
         const char *source = NULL;
-        bool missing_ok = true;
+        bool missing_ok;
+        _cleanup_(erase_and_freep) char *data = NULL;
         size_t size, maxsz;
         int r;
 
@@ -603,7 +603,7 @@ static int load_credential(
 
                 missing_ok = true;
         } else
-                source = NULL;
+                return -EINVAL;
 
         if (args->encrypted) {
                 flags |= READ_FULL_FILE_UNBASE64;
@@ -638,7 +638,7 @@ static int load_credential(
                                 bindname,
                                 &data, &size);
         else
-                r = -ENOENT;
+                assert_not_reached();
 
         if (r == -ENOENT && (missing_ok || hashmap_contains(args->context->set_credentials, id))) {
                 /* Make a missing inherited credential non-fatal, let's just continue. After all apps
-- 
2.47.3