fix(libsinsp): fix some path handling in fs.path

[incertum]

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area API-version

/area build

/area CI

/area driver-kmod

/area driver-bpf

/area driver-modern-bpf

/area libscap-engine-bpf

/area libscap-engine-gvisor

/area libscap-engine-kmod

/area libscap-engine-modern-bpf

/area libscap-engine-nodriver

/area libscap-engine-noop

/area libscap-engine-source-plugin

/area libscap-engine-savefile

/area libscap

/area libpman

/area libsinsp

/area tests

/area proposals

Does this PR require a change in the driver versions?

/version driver-API-version-major

/version driver-API-version-minor

/version driver-API-version-patch

/version driver-SCHEMA-version-major

/version driver-SCHEMA-version-minor

/version driver-SCHEMA-version-patch

What this PR does / why we need it:

fs.path* still had some minor bugs in handling path resolution and ensuring no trailing / is in the output fields.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

fix(libsinsp): fix some path handling in fs.path

[incertum]

/milestone 0.14.0

[incertum]

To the best of my testing abilities fd.name and fs.path.name now behave consistently the same way.

[incertum]

@federico-sysdig and @LucaGuerra hope you are ready for the next round 🤦‍♀️
Similar to the last PR we also have some issues here with the string. The possible trailing slash would not be removed otherwise. I have adjusted the unit tests to test this as well. Plus we also need to call concatenate_paths when the path is absolute. Absolute paths with path traversal happen on real-life servers.

[incertum]

Test for possible trailing / and path traversal for absolute paths.

[incertum]

We could convert test_exit_path_raw to test_exit_path. That way the unit tests are clearer and more functional.

[federico-sysdig]

Wrote just a few comments.

[federico-sysdig]

std::string should be automatically cast to std::string_view, I don't think you need the c_str() call (which needs an automatic cast from const char* to std::string_view anyway). A similar simplification can be done a few lines above.

[incertum]

We had that discussion before, nothing else worked here ...

[federico-sysdig]

Please, forgive me, I forgot. I'm aging. I'm noticing that we do pass a straight std::string to this function elsewhere. Do you mean that in this specific call instance it is not working? As in not compiling or not doing the right concatenation?

[incertum]

It's not doing the right concatenation. I developed and tested on my fedora Linux box.

[incertum]

Rebased and squashed with the solution we all want, but I am now still getting some errors locally:

[  PASSED  ] 417 tests.
[  FAILED  ] 4 tests, listed below:
[  FAILED  ] fspath.unlinkat_2
[  FAILED  ] fspath.open
[  FAILED  ] fspath.openat_2
[  FAILED  ] fspath.openat2

all similar like:

Expected equality of these values:
  get_field_as_string(evt, fs_path_name).c_str()
    Which is: "/root/tmp/name/"
  expected_name
    Which is: "/root/tmp/name"

[incertum]

CI is confirming these failures.

[LucaGuerra]

@incertum the problem lies in the m_tstr.assign() calls in that file. As you can see the are taking a raw buffer (incl. NUL terminator) and converting it into a string by giving it the total length so they will always include the NUL. We don't want that, so we should change those assignments to build the string only up to its length to e.g.:

m_tstr.assign((const char*) extract_values[0].ptr, strnlen((const char*) extract_values[0].ptr, extract_values[0].len));

At this point I think we can safely remove the part that says:

	// If m_tstr ends in a c-style \0, remove it to be
	// consistent. Generally, the evt.rawarg fields above *will*
	// end in c-style \0 characters, while the ones that extract
	// from the enter event or have values populated by parsers
	// (e.g. fchmod/fchown) will not.
	if(m_tstr.back() == '\0')
	{
		m_tstr.pop_back();
	}

This becomes redundant because we already deal with the problem earlier as we should, I think it's good to maintain the invariant that m_tstr is a well formed string.

[LucaGuerra]

once the problem explained below is fixed I believe we can safely revert this change.

[incertum]

Follow up: I think we still need this as in this case we concatenate cwd and m_tstr, and else we still use the helper to possibly resolve the path.

[FedeDP]

Can we use std::filesystem::path::is_absolute instead? Much more readable IMHO.
If i got this correctly, we are stating that if m_tstr is relative, we attach the current working directory, else we use it as is, right?

[incertum]

else we use it as is, right?

almost correct we still need to resolve the absolute path as absolute paths can still contain path traversal. Statement based on real data observed.

[incertum]

Re #1571 (comment) thanks @LucaGuerra 🚀 -- suggestions incorporated plus I learned dos and donts with string handling for the future, thanks for that!

[LucaGuerra]

LGTM

[poiana]

LGTM label has been added.

Git tree hash: 49f3589de256b0d33ac5ae69763f9ead2be2293d

[FedeDP]

/approve

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, incertum, LucaGuerra

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [FedeDP,LucaGuerra,incertum]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment