anitazha / rpms / systemd

Forked from rpms/systemd 3 years ago
Clone
84b277
From 250a6ce38605fe172541fb75e8d64132f2ec38d4 Mon Sep 17 00:00:00 2001
84b277
From: Andreas Henriksson <andreas@fatal.se>
84b277
Date: Fri, 13 Jun 2014 18:48:19 +0200
84b277
Subject: [PATCH] core: fix invalid free() in killall()
84b277
84b277
static int killall(....) in ./src/core/killall.c tries to get "s"
84b277
initialized by calling get_process_comm(...) which calls
84b277
read_one_line_file(...) which if it fails will mean it is left
84b277
uninitialized.
84b277
It is then used in argument to strna(s) call where it is
84b277
dereferenced(!), in addition to nothing else initializing it before
84b277
the scope it is in finishes.
84b277
84b277
(cherry-picked from 3e09eb5c83e56bc0184bd9d9c44f76047464f77c)
84b277
84b277
Resolves: #1147524
84b277
---
84b277
 src/core/killall.c | 2 +-
84b277
 1 file changed, 1 insertion(+), 1 deletion(-)
84b277
84b277
diff --git a/src/core/killall.c b/src/core/killall.c
84b277
index e395050..967dac0 100644
84b277
--- a/src/core/killall.c
84b277
+++ b/src/core/killall.c
84b277
@@ -167,7 +167,7 @@ static int killall(int sig, Set *pids) {
84b277
                         continue;
84b277
 
84b277
                 if (sig == SIGKILL) {
84b277
-                        _cleanup_free_ char *s;
84b277
+                        _cleanup_free_ char *s = NULL;
84b277
 
84b277
                         get_process_comm(pid, &s);
84b277
                         log_notice("Sending SIGKILL to PID %lu (%s).", (unsigned long) pid, strna(s));