From 252dda933af56ef9d2dc04e658390f5a4723c862 Mon Sep 17 00:00:00 2001
From: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
Date: Fri, 19 Dec 2025 18:57:20 +0200
Subject: [PATCH] os: avoid closing null fd at Fopen

In `Fopen` function variable `iop` may store NULL as a result of `fopen`
call. In this case, if later privileges couldn't be restored (`seteuid`
call fails), further `fclose(iop)` call will cause runtime error.

This commit adds check `iop` for NULL before calling `fclose` to prevent
potential NULL pointer dereference.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2115>
---
 os/utils.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/os/utils.c b/os/utils.c
index 553acc75a8..465d30c911 100644
--- a/os/utils.c
+++ b/os/utils.c
@@ -1122,7 +1122,9 @@ Fopen(const char *file, const char *type)
     iop = fopen(file, type);
 
     if (seteuid(euid) == -1) {
-        fclose(iop);
+        if (iop) {
+            fclose(iop);
+        }
         return NULL;
     }
     return iop;