From a9ee0bf6222ba2f9ddb3b10c843231270721b86b Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH] skill: Check return value of str*chr() in check_proc().
---
 skill.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/skill.c b/skill.c
index 27a1dd77..edc42053 100644
--- skill.c
+++ b/skill.c
@@ -204,6 +204,8 @@ static void check_proc(int pid, struct run_time_conf_t *run_time)
 goto closure;
 buf[len] = '\0';
 tmp = strrchr(buf, ')');
+ if (!tmp)
+ goto closure;
 *tmp++ = '\0';
 i = 5;
 while (i--)
@@ -218,7 +220,10 @@ static void check_proc(int pid, struct run_time_conf_t *run_time)
 if (i == -1)
 goto closure;
 }
- tmp = strchr(buf, '(') + 1;
+ tmp = strchr(buf, '(');
+ if (!tmp)
+ goto closure;
+ tmp++;
 if (cmds) {
 i = cmd_count;
 /* fast comparison trick -- useful? */
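Review bot: In the first hunk (`@@ -204,6 +204,8`) the added `if (!tmp) goto closure;` covers only the `strrchr()` result, while the `i = 5; while (i--)` scan that starts from `tmp` right after it has its body outside the hunk. It cannot be confirmed from here that the scan stops at the terminating NUL written by `buf[len] = '\0';`. If the loop advances `tmp` until it meets a delimiter, a record with fewer fields than expected would still be read past the end of `buf`, so the scan should presumably also bail out with something like `if (*tmp == '\0') goto closure;`. check_proc() begins and ends outside both hunks.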
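Review bot: In the second hunk (`@@ -218,7 +220,10`) the new `if (!tmp) goto closure;` exit is silent and carries no comment, so a reader cannot tell it apart from the other `goto closure` paths that reject a process by policy. Because the first hunk has already cut `buf` at the last `)`, this `strchr()` only sees the text before it, which is worth stating: `/* no '(' before the last ')': malformed record, skip this pid */`. The matching check after `strrchr()` in the first hunk would benefit from the same one-line comment.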