From 97fce97c5478567dd325c54a3e8bb15e69a1315c Mon Sep 17 00:00:00 2001
From: Alec Brown <alec.r.brown@oracle.com>
Date: Wed, 22 Jan 2025 02:55:12 +0000
Subject: [PATCH] disk/ieee1275/ofdisk: Call grub_ieee1275_close() when
 grub_malloc() fails

In the dev_iterate() function a handle is opened but isn't closed when
grub_malloc() returns NULL. We should fix this by closing it on error.

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name disk-ieee1275-ofdisk-Call-grub_ieee1275_close-when-grub_m.patch
---
 grub-core/disk/ieee1275/ofdisk.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c
index 4c5b89c..dbc0f1a 100644
--- a/grub-core/disk/ieee1275/ofdisk.c
+++ b/grub-core/disk/ieee1275/ofdisk.c
@@ -267,7 +267,10 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
 
       buf = grub_malloc (sz);
       if (!buf)
-	return;
+	{
+	  grub_ieee1275_close (ihandle);
+	  return;
+	}
       bufptr = grub_stpcpy (buf, alias->path);
 
       for (i = 0; i < args.nentries; i++)
-- 
2.30.2