From: Andreas Henriksson <andreas@fatal.se>
Date: Fri, 13 Jun 2014 16:48:19 +0000 (+0200)
Subject: core: fix invalid free() in killall()
X-Git-Tag: v215~440
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=3e09eb5c83e56bc0184bd9d9c44f76047464f77c;hp=8186d9dda0d3f8a853afe6fdbd605f42151fe165;p=elogind.git

core: fix invalid free() in killall()

static int killall(....) in ./src/core/killall.c tries to get "s"
initialized by calling get_process_comm(...) which calls
read_one_line_file(...) which if it fails will mean it is left
uninitialized.
It is then used in argument to strna(s) call where it is
dereferenced(!), in addition to nothing else initializing it before
the scope it is in finishes.
---

diff --git a/src/core/killall.c b/src/core/killall.c
index 57ed41c5a..eab48f7dc 100644
--- a/src/core/killall.c
+++ b/src/core/killall.c
@@ -168,7 +168,7 @@ static int killall(int sig, Set *pids, bool send_sighup) {
                         continue;
 
                 if (sig == SIGKILL) {
-                        _cleanup_free_ char *s;
+                        _cleanup_free_ char *s = NULL;
 
                         get_process_comm(pid, &s);
                         log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s));