From 115f8dddfdd134909e322fe23aba6458ca0908a2 Mon Sep 17 00:00:00 2001
From: Omer Anson <omer.anson@toganetworks.com>
Date: Wed, 20 May 2020 08:51:47 +0300
Subject: [PATCH] linux/process: Support reading empty values from
 /proc/pid/status

The file /proc/<pid>/status provides information about a process in
the format 'key: value'. The parsing of this file failed if 'value'
was empty.

Add an dummy value that will be taken in case the real value from
the status file does not exist.

Additionally, update the log message from the parsing code to also
output the exception, if one is raised.

Related: #3035
---
 cuckoo/data/analyzer/linux/lib/api/process.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cuckoo/data/analyzer/linux/lib/api/process.py b/cuckoo/data/analyzer/linux/lib/api/process.py
index 7aaae353ba..eb7da2873f 100644
--- a/cuckoo/data/analyzer/linux/lib/api/process.py
+++ b/cuckoo/data/analyzer/linux/lib/api/process.py
@@ -31,10 +31,10 @@ def get_parent_pid(self):
     def get_proc_status(self):
         try:
             status = open("/proc/%u/status" % self.pid).readlines()
-            status_values = dict((i[0], i[1]) for i in [j.strip().split(None, 1) for j in status])
+            status_values = dict((i[0], i[1]) for i in [j.strip().split(None, 1) + [""] for j in status])
             return status_values
         except:
-            log.critical("could not get process status for pid %u", self.pid)
+            log.exception("could not get process status for pid %u", self.pid)
         return {}
 
     def execute(self, cmd):