From c6b42890c0ea711146e07716eda48caf8a636c46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gustavo=20I=C3=B1iguez=20Goia?= <gooffy1@gmail.com>
Date: Mon, 17 Feb 2025 14:15:28 +0100
Subject: [PATCH] proc.readEnv() improvements

 - Minimize the risk of race conditions when we're prompting the user to
   allow/deny a connection, while we're still reading proc's environ file.
   (this was actually a leak).
 - Preallocate the Env map with the expected environ vars.
---
 daemon/procmon/details.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/daemon/procmon/details.go b/daemon/procmon/details.go
index f32f7149..29aa6cf5 100644
--- a/daemon/procmon/details.go
+++ b/daemon/procmon/details.go
@@ -174,6 +174,7 @@ func (p *Process) ReadEnv() {
 	}
 	raw = bytes.Trim(raw, "\r\n\t")
 	vars := strings.Split(string(raw), "\x00")
+	env := make(map[string]string, len(vars))
 	for _, s := range vars {
 		idx := strings.Index(s, "=")
 		if idx == -1 {
@@ -182,10 +183,14 @@ func (p *Process) ReadEnv() {
 
 		key := s[:idx]
 		val := s[idx+1 : len(s)]
-		p.mu.Lock()
-		p.Env[key] = val
-		p.mu.Unlock()
+		env[key] = val
 	}
+	// Minimize the risk of race conditions by not locking the map inside the loop.
+	// It may cause leaks when prompting the user to allow/deny.
+	p.mu.Lock()
+	p.Env = env
+	p.mu.Unlock()
+
 }
 
 // ReadMaps reads the /proc/<pid>/maps file.