From e9339782a631eeef01281bc7e1633dd6b970106e Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Sun, 29 Sep 2024 13:40:03 -0400
Subject: [PATCH] In passwordFromFile, don't leak the open file after stat
 failures.

Oversight in e882bcae0.  Per Coverity.
---
 src/interfaces/libpq/fe-connect.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index d5a72587d24..4094bcbcf0f 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -7482,13 +7482,17 @@ passwordFromFile(const char *hostname, const char *port, const char *dbname,
 
 #ifndef WIN32
 	if (fstat(fileno(fp), &stat_buf) != 0)
+	{
+		fclose(fp);
 		return NULL;
+	}
 
 	if (!S_ISREG(stat_buf.st_mode))
 	{
 		fprintf(stderr,
 				libpq_gettext("WARNING: password file \"%s\" is not a plain file\n"),
 				pgpassfile);
+		fclose(fp);
 		return NULL;
 	}
 
@@ -7498,6 +7502,7 @@ passwordFromFile(const char *hostname, const char *port, const char *dbname,
 		fprintf(stderr,
 				libpq_gettext("WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n"),
 				pgpassfile);
+		fclose(fp);
 		return NULL;
 	}
 #else
-- 
2.30.2