cadets / freebsd-old

recvfrom calls with very little data #75

Open HarkonenBade opened 7 years ago

HarkonenBade commented 7 years ago

Some recvfrom calls in the buildinject trace show very little helpful data for the address of the object being acted upon.

e.g.

{
    "event": "audit:event:aue_recvfrom:",
    "time": 1490666258218088396,
    "pid": 700,
    "ppid": 1,
    "tid": 100070,
    "uid": 0,
    "cpu_id": 3,
    "exec": "syslogd",
    "subjprocuuid": "4b886bfc-130f-11e7-a37e-44a842348b1c",
    "subjthruuid": "484e2431-130f-11e7-a367-44a842348b1c",
    "arg_objuuid1": "4b888bbb-130f-11e7-a37e-44a842348b1c",
    "ret_msgid": 277,
    "upath1": "/",
    "fd": 3,
    "address": "",
    "retval": 104
}

Here we see that upath1 is set to /, address is empty and port is non-present. So I'd assume that this was probably a UDS socket that the call was made on, but I have no idea what path it had, as / seems implausible.

I haven't observed many sendto calls in the traces I've seen, but I'd suspect that they may exhibit the same problems.
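
One way to find every record with the symptom reported above in a trace, added here as an example and not part of the original issue or the project's code: it flags recvfrom records whose `address` is empty, whose `port` is absent and whose `upath1` is `/` or missing, and counts them per process and descriptor. The one-record-per-line input format and the sendto event name are assumptions; the sample records are constructed.

```python
import json
from collections import Counter

# The recvfrom event name is taken from the issue; the sendto name is an
# assumption made by analogy and may differ in real traces.
SOCKET_EVENTS = {"audit:event:aue_recvfrom:", "audit:event:aue_sendto:"}

def endpoint_problems(rec):
    """Return the reasons a record fails to identify its socket endpoint."""
    path = rec.get("upath1")
    has_inet = bool(rec.get("address")) and "port" in rec
    has_path = bool(path) and path != "/"
    if has_inet or has_path:
        return []
    problems = []
    if not rec.get("address"):
        problems.append("address empty or missing")
    if "port" not in rec:
        problems.append("port missing")
    problems.append("upath1 is '/'" if path == "/" else "upath1 missing")
    return problems

def triage(lines):
    """Scan one-JSON-object-per-line records; return (flagged, counts by (exec, fd))."""
    flagged, counts = [], Counter()
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or malformed records
        if not isinstance(rec, dict) or rec.get("event") not in SOCKET_EVENTS:
            continue
        problems = endpoint_problems(rec)
        if problems:
            flagged.append((rec, problems))
            counts[(rec.get("exec"), rec.get("fd"))] += 1
    return flagged, counts

# Constructed sample input: the first record abbreviates the one in the issue,
# the remaining records (including the aue_read event name) are invented.
SAMPLE = [
    '{"event": "audit:event:aue_recvfrom:", "pid": 700, "exec": "syslogd", "upath1": "/", "fd": 3, "address": "", "retval": 104}',
    '{"event": "audit:event:aue_recvfrom:", "pid": 700, "exec": "syslogd", "fd": 5, "address": "192.0.2.10", "port": 514, "retval": 80}',
    '{"event": "audit:event:aue_recvfrom:", "pid": 700, "exec": "syslogd", "upath1": "/var/run/log", "fd": 4, "address": "", "retval": 60}',
    '{"event": "audit:event:aue_read:", "pid": 700, "exec": "syslogd", "fd": 3, "retval": 10}',
]

if __name__ == "__main__":
    for rec, problems in triage(SAMPLE)[0]:
        print(rec["exec"], rec["pid"], "fd", rec["fd"], "->", "; ".join(problems))
```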