From 4cf0703c580ee94c8deee9ae6ac53113b46b901d Mon Sep 17 00:00:00 2001
From: Li Yuxuan <liyuxuan04@baidu.com>
Date: Fri, 23 Aug 2019 23:51:39 +0800
Subject: [PATCH] v2: Prevent killing all container processes when exec is
 failed

If an exec is failed(such as executable file not found in $PATH), the
`execs.id` will be empty. This leads to all the container processes
being killed when calling `Kill` on such exec id.

Fixes: #2001
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
---
 containerd-shim-v2/service.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/containerd-shim-v2/service.go b/containerd-shim-v2/service.go
index af3dd47da5..42f317816c 100644
--- a/containerd-shim-v2/service.go
+++ b/containerd-shim-v2/service.go
@@ -675,6 +675,14 @@ func (s *service) Kill(ctx context.Context, r *taskAPI.KillRequest) (_ *ptypes.E
 			return nil, err
 		}
 		processID = execs.id
+		if processID == "" {
+			logrus.WithFields(logrus.Fields{
+				"sandbox":   s.sandbox.ID(),
+				"Container": c.id,
+				"ExecID":    r.ExecID,
+			}).Debug("Id of exec process to be signalled is empty")
+			return empty, errors.New("The exec process does not exist")
+		}
 	}
 
 	return empty, s.sandbox.SignalProcess(c.id, processID, signum, r.All)