Check error return from json.Unmarshal

Signed-off-by: Ted Yu <yuzhihong@gmail.com>
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

runtime/v2/runc/util.go

@@ -19,8 +19,15 @@
 package runc
 
 import (
+	"context"
+	"encoding/json"
+	"io/ioutil"
+	"path/filepath"
+
 	"github.com/containerd/containerd/api/events"
+	"github.com/containerd/containerd/log"
 	"github.com/containerd/containerd/runtime"
+	specs "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/sirupsen/logrus"
 )
 
@@ -53,3 +60,26 @@ func GetTopic(e interface{}) string {
 	}
 	return runtime.TaskUnknownTopic
 }
+
+// ShouldKillAllOnExit reads the bundle's OCI spec and returns true if
+// there is an error reading the spec or if the container has a private PID namespace
+func ShouldKillAllOnExit(ctx context.Context, bundlePath string) bool {
+	var bundleSpec specs.Spec
+	bundleConfigContents, err := ioutil.ReadFile(filepath.Join(bundlePath, "config.json"))
+	if err != nil {
+		log.G(ctx).WithError(err).Error("shouldKillAllOnExit: failed to read config.json")
+		return true
+	}
+	if err := json.Unmarshal(bundleConfigContents, &bundleSpec); err != nil {
+		log.G(ctx).WithError(err).Error("shouldKillAllOnExit: failed to unmarshal bundle json")
+		return true
+	}
+	if bundleSpec.Linux != nil {
+		for _, ns := range bundleSpec.Linux.Namespaces {
+			if ns.Type == specs.PIDNamespace && ns.Path == "" {
+				return false
+			}
+		}
+	}
+	return true
+}