From 635ab3623cf7df356966180aa7d8b471e863061d Mon Sep 17 00:00:00 2001
From: Nepomuk Crhonek <105591323+Nepomuk5665@users.noreply.github.com>
Date: Fri, 23 Jan 2026 20:00:14 +0100
Subject: [PATCH] Fix potential nil pointer dereference in container event
 monitoring

The condition for checking container restart state had incorrect operator
precedence. The expression:

  inspect.State != nil && inspect.State.Restarting || inspect.State.Running

is evaluated as:

  (inspect.State != nil && inspect.State.Restarting) || inspect.State.Running

This means if inspect.State is nil and inspect.State.Restarting is false
(which would trigger a panic), the code would attempt to access
inspect.State.Running, causing a nil pointer dereference.

This fix adds parentheses to ensure the nil check applies to both
state checks:

  inspect.State != nil && (inspect.State.Restarting || inspect.State.Running)

Signed-off-by: Nepomuk Crhonek <105591323+Nepomuk5665@users.noreply.github.com>
---
 pkg/compose/monitor.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/compose/monitor.go b/pkg/compose/monitor.go
index e7e70c88308..70dd30ada00 100644
--- a/pkg/compose/monitor.go
+++ b/pkg/compose/monitor.go
@@ -147,7 +147,7 @@ func (c *monitor) Start(ctx context.Context) error {
 					return err
 				}
 
-				if inspect.State != nil && inspect.State.Restarting || inspect.State.Running {
+				if inspect.State != nil && (inspect.State.Restarting || inspect.State.Running) {
 					// State.Restarting is set by engine when container is configured to restart on exit
 					// on ContainerRestart it doesn't (see https://github.com/moby/moby/issues/45538)
 					// container state still is reported as "running"