os: avoid closing null fd at Fopen

In `Fopen` function variable `iop` may store NULL as a result of `fopen` call. In this case, if later privileges couldn't be restored (`seteuid` call fails), further `fclose(iop)` call will cause runtime error. This commit adds check `iop` for NULL before calling `fclose` to prevent potential NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2115>
2026-03-24 03:44:06 +00:00 · 2025-12-19 18:57:20 +02:00
parent 7fef1f9246
commit 252dda933a
1 changed files with 3 additions and 1 deletions
--- a/os/utils.c
+++ b/os/utils.c
@@ -1122,7 +1122,9 @@ Fopen(const char *file, const char *type)
    iop = fopen(file, type);

    if (seteuid(euid) == -1) {
-        fclose(iop);
+        if (iop) {
+            fclose(iop);
+        }
        return NULL;
    }
    return iop;