From 5ec00f70c8e6db5fc242bc2f3b574a3e4eb2ed52 Mon Sep 17 00:00:00 2001
From: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
Date: Thu, 31 Jul 2025 12:20:52 +0300
Subject: [PATCH] fix: avoid cmd double-free in procevent_monitor

There is a possible execution path in procevent_monitor function,
when allocated memory for cmd may be deallocated twice.

Commit adds check before deallocating memory.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
---
 src/firemon/procevent.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c
index 24663cbb4..716c08b00 100644
--- a/src/firemon/procevent.c
+++ b/src/firemon/procevent.c
@@ -496,7 +496,9 @@ static void __attribute__((noreturn)) procevent_monitor(const int sock, pid_t my
 					sprintf(lineptr, "\n");
 				else {
 					sprintf(lineptr, " %s\n", cmd);
-					free(cmd);
+					if (cmd != pids[pid].option.event.cmd) {
+						free(cmd);
+					}
 				}
 				lineptr += strlen(lineptr);
 			}