Avoid possible crash and memory leak in killall

In the case of a command line match, load_proc_cmdline would return a
pointer that was not obtained from malloc, which then would be freed in
kill_all. This behavior could result in a SIGSEGV.

In the case of an empty command line, load_proc_cmdline would return -1,
causing its internal buffer to be leaked in kill_all.

Signed-off-by: Radu Rendec <radu.rendec@mindbit.ro>
Signed-off-by: Craig Small <csmall@enc.com.au>

diff --git a/src/killall.c b/src/killall.c
index 5b3315ec80ed47630a54f9172e0b9e46d4393dd7..bd882f0c8123f75c83fc0e997c85bd2183a6bbab 100644 (file)
--- a/src/killall.c
+++ b/src/killall.c
@@ -364,7 +364,8 @@ load_proc_cmdline(const pid_t pid, const char *comm, char **command, int *got_lo
        p = p ? p+1 : command_buf;
        if (strncmp(p, comm, COMM_LEN-1) == 0) {
            okay = 1;
-           *command = p;
+           if (!(*command = strdup(p)))
+               exit(1);
            break;
        }
     }