fix(libsinsp): fix some path handling in fs.path

userspace/libsinsp/parsers.cpp

@@ -2326,6 +2326,7 @@ void sinsp_parser::parse_execve_exit(sinsp_evt *evt)
 				else if(flags & PPM_EXVAT_AT_EMPTY_PATH)
 				{
 					/* In this case `sdir` will always be an absolute path.
+					 * concatenate_paths takes care of resolving the path
 					*/
 					fullpath = sinsp_utils::concatenate_paths("", sdir);
 

userspace/libsinsp/sinsp_filtercheck_event.cpp

@@ -486,6 +486,7 @@ uint8_t *sinsp_filter_check_event::extract_abspath(sinsp_evt *evt, OUT uint32_t
 		{
 			//
 			// Get the file path directly from the ring buffer.
+			// concatenate_paths takes care of resolving the path
 			//
 			m_strstorage = sinsp_utils::concatenate_paths("", evt->get_param(3)->as<std::string_view>());
 

userspace/libsinsp/sinsp_filtercheck_fspath.cpp

@@ -16,6 +16,7 @@ limitations under the License.
 
 */
 
+#include <filesystem>
 #include "sinsp_filtercheck_fspath.h"
 #include "sinsp_filtercheck_event.h"
 #include "sinsp_filtercheck_fd.h"
@@ -282,7 +283,7 @@ uint8_t* sinsp_filter_check_fspath::extract(sinsp_evt* evt, OUT uint32_t* len, b
 			{
 				return NULL;
 			}
-			m_tstr.assign((char *) extract_values[0].ptr, extract_values[0].len);
+			m_tstr.assign((const char*) extract_values[0].ptr, strnlen((const char*) extract_values[0].ptr, extract_values[0].len));
 		};
 
 		break;
@@ -305,7 +306,7 @@ uint8_t* sinsp_filter_check_fspath::extract(sinsp_evt* evt, OUT uint32_t* len, b
 			{
 				return NULL;
 			}
-			m_tstr.assign((char *) extract_values[0].ptr, extract_values[0].len);
+			m_tstr.assign((const char*) extract_values[0].ptr, strnlen((const char*) extract_values[0].ptr, extract_values[0].len));
 		};
 		break;
 	case TYPE_TARGET:
@@ -328,7 +329,7 @@ uint8_t* sinsp_filter_check_fspath::extract(sinsp_evt* evt, OUT uint32_t* len, b
 			{
 				return NULL;
 			}
-			m_tstr.assign((char *) extract_values[0].ptr, extract_values[0].len);
+			m_tstr.assign((const char*) extract_values[0].ptr, strnlen((const char*) extract_values[0].ptr, extract_values[0].len));
 		};
 		break;
 	default:
@@ -339,8 +340,7 @@ uint8_t* sinsp_filter_check_fspath::extract(sinsp_evt* evt, OUT uint32_t* len, b
 	// prepend the cwd of the threadinfo to the path.
 	if((m_field_id == TYPE_NAME ||
 	    m_field_id == TYPE_SOURCE ||
-	    m_field_id == TYPE_TARGET)
-	   && m_tstr.front() != '/')
+	    m_field_id == TYPE_TARGET))
 	{
 		sinsp_threadinfo* tinfo = evt->get_thread_info();
 
@@ -349,17 +349,14 @@ uint8_t* sinsp_filter_check_fspath::extract(sinsp_evt* evt, OUT uint32_t* len, b
 			return NULL;
 		}
 
-		m_tstr = sinsp_utils::concatenate_paths(tinfo->get_cwd(), m_tstr);
-	}
-
-	// If m_tstr ends in a c-style \0, remove it to be
-	// consistent. Generally, the evt.rawarg fields above *will*
-	// end in c-style \0 characters, while the ones that extract
-	// from the enter event or have values populated by parsers
-	// (e.g. fchmod/fchown) will not.
-	if(m_tstr.back() == '\0')
-	{
-		m_tstr.pop_back();
+		if(!std::filesystem::path(m_tstr).is_absolute())
+		{
+			m_tstr = sinsp_utils::concatenate_paths(tinfo->get_cwd(), m_tstr);
+		} else
+		{
+			// concatenate_paths takes care of resolving the path
+			m_tstr = sinsp_utils::concatenate_paths("", m_tstr);
+		}
 	}
 
 	RETURN_EXTRACT_STRING(m_tstr);