From 07aa040842cfd31a0c6e851900173d02dd01c7fe Mon Sep 17 00:00:00 2001
From: Nicolas Lacasse <nlacasse@google.com>
Date: Mon, 1 Oct 2018 13:54:57 -0700
Subject: [PATCH] Fix possible panic in control.Processes.

There was a race where we checked task.Parent() != nil, and then later called
task.Parent() again, assuming that it is not nil.  If the task is exiting, the
parent may have been set to nil in between the two calls, causing a panic.

This CL changes the code to only call task.Parent() once.

PiperOrigin-RevId: 215274456
Change-Id: Ib5a537312c917773265ec72016014f7bc59a5f59
---
 pkg/sentry/control/proc.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/sentry/control/proc.go b/pkg/sentry/control/proc.go
index 106055e86..faf1168bb 100644
--- a/pkg/sentry/control/proc.go
+++ b/pkg/sentry/control/proc.go
@@ -278,8 +278,8 @@ func Processes(k *kernel.Kernel, containerID string, out *[]*Process) error {
 		}
 
 		ppid := kernel.ThreadID(0)
-		if tg.Leader().Parent() != nil {
-			ppid = ts.Root.IDOfThreadGroup(tg.Leader().Parent().ThreadGroup())
+		if p := tg.Leader().Parent(); p != nil {
+			ppid = ts.Root.IDOfThreadGroup(p.ThreadGroup())
 		}
 		*out = append(*out, &Process{
 			UID:   tg.Leader().Credentials().EffectiveKUID,