From 8a850f47d070a19bac355807f16461bf52807510 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Thu, 20 Nov 2025 14:25:50 +0800
Subject: [PATCH] blsuki: Fix grub_errno leakage in blsuki_is_default_entry()

The grub_strtol() call in blsuki_is_default_entry() can set grub_errno
to either GRUB_ERR_BAD_NUMBER or GRUB_ERR_OUT_OF_RANGE if the input
string is invalid or out of range.

This grub_errno value is currently left uncleared, which can lead to
unexpected behavior in subsequent functions that rely on checking
current state of grub_errno.

Clear grub_errno unconditionally when grub_strtol() reports error so
that we can plug the leak.

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 grub-core/commands/blsuki.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/grub-core/commands/blsuki.c b/grub-core/commands/blsuki.c
index d089dec62..a169e3f59 100644
--- a/grub-core/commands/blsuki.c
+++ b/grub-core/commands/blsuki.c
@@ -1360,6 +1360,10 @@ blsuki_is_default_entry (const char *def_entry, grub_blsuki_entry_t *entry, int
     return true;
 
   def_idx = grub_strtol (def_entry, &def_entry_end, 0);
+
+  /* Clear grub_errno so we can plug the leak. */
+  grub_errno = GRUB_ERR_NONE;
+
   if (*def_entry_end != '\0' || def_idx < 0 || def_idx > GRUB_INT_MAX)
     return false;
 
-- 
2.47.3