Long command line is not reported correctly

Indicate project libsysflow

Describe the bug Long command line is truncated and sometimes filled with garbage bytes at the end.

To reproduce Steps to reproduce the behavior:

Start the sf-collector callback example

Run the following command (it is a typical command executed after upgrade of ubuntu 22):

/usr/bin/grep -l reboot-required /var/lib/dpkg/info/adduser.postinst /var/lib/dpkg/info/ksh93u+m.postinst /var/lib/dpkg/info/perl-base.postinst /var/lib/dpkg/info/python3-service-identity.postinst /var/lib/dpkg/info/amd64-microcode.postinst /var/lib/dpkg/info/landscape-common.postinst /var/lib/dpkg/info/perl.postinst /var/lib/dpkg/info/python3-setuptools.postinst /var/lib/dpkg/info/apparmor.postinst /var/lib/dpkg/info/less.postinst /var/lib/dpkg/info/pinentry-curses.postinst /var/lib/dpkg/info/python3-six.postinst /var/lib/dpkg/info/apt.postinst /var/lib/dpkg/info/libc6:amd64.postinst /var/lib/dpkg/info/pkexec.postinst /var/lib/dpkg/info/python3-software-properties.postinst /var/lib/dpkg/info/autofs.postinst /var/lib/dpkg/info/libc-bin.postinst /var/lib/dpkg/info/plymouth.postinst /var/lib/dpkg/info/python3-systemd.postinst /var/lib/dpkg/info/base-files.postinst /var/lib/dpkg/info/libdebuginfod-common.postinst /var/lib/dpkg/info/plymouth-theme-ubuntu-text.postinst /var/lib/dpkg/info/python3-twisted.postinst /var/lib/dpkg/info/base-passwd.postinst /var/lib/dpkg/info/libglib2.0-0:amd64.postinst /var/lib/dpkg/info/policykit-1.postinst /var/lib/dpkg/info/python3-update-manager.postinst /var/lib/dpkg/info/bash-completion.postinst /var/lib/dpkg/info/libgssapi-krb5-2:amd64.postinst /var/lib/dpkg/info/polkitd.postinst /var/lib/dpkg/info/python3-wadllib.postinst /var/lib/dpkg/info/bash.postinst /var/lib/dpkg/info/libgstreamer1.0-0:amd64.postinst /var/lib/dpkg/info/pollinate.postinst /var/lib/dpkg/info/python3-xkit.postinst /var/lib/dpkg/info/bc.postinst /var/lib/dpkg/info/libnewt0.52:amd64.postinst /var/lib/dpkg/info/procps.postinst /var/lib/dpkg/info/python3-yaml.postinst /var/lib/dpkg/info/bolt.postinst /var/lib/dpkg/info/libnss-systemd:amd64.postinst /var/lib/dpkg/info/psmisc.postinst /var/lib/dpkg/info/python3-zipp.postinst /var/lib/dpkg/info/bsdextrautils.postinst /var/lib/dpkg/info/libpam0g:amd64.postinst /var/lib/dpkg/info/python3.10-minimal.postinst /var/lib/dpkg/info/python3-zope.interface.postinst /var/lib/dpkg/info/byobu.postinst /var/lib/dpkg/info/libpam-cap:amd64.postinst /var/lib/dpkg/info/python3.10.postinst /var/lib/dpkg/info/readline-common.postinst /var/lib/dpkg/info/ca-certificates.postinst /var/lib/dpkg/info/libpam-modules:amd64.postinst /var/lib/dpkg/info/python3-apport.postinst /var/lib/dpkg/info/rsync.postinst /var/lib/dpkg/info/cloud-initramfs-copymods.postinst /var/lib/dpkg/info/libpam-pwquality:amd64.postinst /var/lib/dpkg/info/python3-apt.postinst /var/lib/dpkg/info/rsyslog.postinst /var/lib/dpkg/info/cloud-initramfs-dyn-netconf.postinst /var/lib/dpkg/info/libpam-runtime.postinst /var/lib/dpkg/info/python3-attr.postinst /var/lib/dpkg/info/screen.postinst /var/lib/dpkg/info/console-setup-linux.postinst /var/lib/dpkg/info/libpam-systemd:amd64.postinst /var/lib/dpkg/info/python3-automat.postinst /var/lib/dpkg/info/secureboot-db.postinst /var/lib/dpkg/info/console-setup.postinst /var/lib/dpkg/info/libpython3.10-minimal:amd64.postinst /var/lib/dpkg/info/python3-bcrypt.postinst /var/lib/dpkg/info/sg3-utils-udev.postinst /var/lib/dpkg/info/coreutils.postinst /var/lib/dpkg/info/libsasl2-modules:amd64.postinst /var/lib/dpkg/info/python3-blinker.postinst /var/lib/dpkg/info/shared-mime-info.postinst /var/lib/dpkg/info/cpio.postinst /var/lib/dpkg/info/libssl3:amd64.postinst /var/lib/dpkg/info/python3-chardet.postinst /var/lib/dpkg/info/snapd.postinst /var/lib/dpkg/info/cracklib-runtime.postinst /var/lib/dpkg/info/libwrap0:amd64.postinst /var/lib/dpkg/info/python3-click.postinst /var/lib/dpkg/info/sntp.postinst /var/lib/dpkg/info/cron.postinst /var/lib/dpkg/info/linux-base.postinst /var/lib/dpkg/info/python3-colorama.postinst /var/lib/dpkg/info/software-properties-common.postinst /var/lib/dpkg/info/cryptsetup-bin.postinst /var/lib/dpkg/info/linux-firmware.postinst /var/lib/dpkg/info/python3-commandnotfound.postinst /var/lib/dpkg/info/sosreport.postinst /var/lib/dpkg/info/cryptsetup-initramfs.postinst /var/lib/dpkg/info/linux-headers-5.15.0-106-generic.postinst /var/lib/dpkg/info/python3-configobj.postinst /var/lib/dpkg/info/ssh-import-id.postinst /var/lib/dpkg/info/cryptsetup.postinst /var/lib/dpkg/info/linux-headers-5.15.0-97-generic.postinst /var/lib/dpkg/info/python3-constantly.postinst /var/lib/dpkg/info/sudo.postinst /var/lib/dpkg/info/dash.postinst /var/lib/dpkg/info/linux-image-5.15.0-106-generic.postinst /var/lib/dpkg/info/python3-cryptography.postinst /var/lib/dpkg/info/sysstat.postinst /var/lib/dpkg/info/dbus.postinst /var/lib/dpkg/info/linux-image-5.15.0-97-generic.postinst /var/lib/dpkg/info/python3-dbus.postinst /var/lib/dpkg/info/systemd-hwe-hwdb.postinst /var/lib/dpkg/info/debconf.postinst /var/lib/dpkg/info/linux-modules-5.15.0-106-generic.postinst /var/lib/dpkg/info/python3-debconf.postinst /var/lib/dpkg/info/systemd.postinst /var/lib/dpkg/info/debianutils.postinst /var/lib/dpkg/info/linux-modules-5.15.0-97-generic.postinst /var/lib/dpkg/info/python3-debian.postinst /var/lib/dpkg/info/systemd-sysv.postinst /var/lib/dpkg/info/dirmngr.postinst /var/lib/dpkg/info/linux-modules-extra-5.15.0-106-generic.postinst /var/lib/dpkg/info/python3-distro-info.postinst /var/lib/dpkg/info/tar.postinst /var/lib/dpkg/info/dmeventd.postinst /var/lib/dpkg/info/linux-modules-extra-5.15.0-97-generic.postinst /var/lib/dpkg/info/python3-distro.postinst /var/lib/dpkg/info/tcl8.6.postinst /var/lib/dpkg/info/dmsetup.postinst /var/lib/dpkg/info/locales.postinst /var/lib/dpkg/info/python3-distupgrade.postinst /var/lib/dpkg/info/tcpdump.postinst /var/lib/dpkg/info/dpkg.postinst /var/lib/dpkg/info/login.postinst /var/lib/dpkg/info/python3-distutils.postinst /var/lib/dpkg/info/thermald.postinst /var/lib/dpkg/info/e2fsprogs.postinst /var/lib/dpkg/info/logrotate.postinst /var/lib/dpkg/info/python3-gi.postinst /var/lib/dpkg/info/tmux.postinst /var/lib/dpkg/info/ed.postinst /var/lib/dpkg/info/lsb-base.postinst /var/lib/dpkg/info/python3-hamcrest.postinst /var/lib/dpkg/info/tnftp.postinst /var/lib/dpkg/info/falcon-sensor.postinst /var/lib/dpkg/info/lsb-release.postinst /var/lib/dpkg/info/python3-httplib2.postinst /var/lib/dpkg/info/tpm-udev.postinst /var/lib/dpkg/info/finalrd.postinst /var/lib/dpkg/info/lvm2.postinst /var/lib/dpkg/info/python3-hyperlink.postinst /var/lib/dpkg/info/tzdata.postinst /var/lib/dpkg/info/friendly-recovery.postinst /var/lib/dpkg/info/lxd-agent-loader.postinst /var/lib/dpkg/info/python3-idna.postinst /var/lib/dpkg/info/ubuntu-advantage-tools.postinst /var/lib/dpkg/info/fuse3.postinst /var/lib/dpkg/info/man-db.postinst /var/lib/dpkg/info/python3-importlib-metadata.postinst /var/lib/dpkg/info/ubuntu-drivers-common.postinst /var/lib/dpkg/info/fwupd.postinst /var/lib/dpkg/info/mawk.postinst /var/lib/dpkg/info/python3-incremental.postinst /var/lib/dpkg/info/ubuntu-keyring.postinst /var/lib/dpkg/info/gawk.postinst /var/lib/dpkg/info/mdadm.postinst /var/lib/dpkg/info/python3-jeepney.postinst /var/lib/dpkg/info/ubuntu-release-upgrader-core.postinst /var/lib/dpkg/info/git.postinst /var/lib/dpkg/info/modemmanager.postinst /var/lib/dpkg/info/python3-jwt.postinst /var/lib/dpkg/info/ucf.postinst /var/lib/dpkg/info/gpg-agent.postinst /var/lib/dpkg/info/motd-news-config.postinst /var/lib/dpkg/info/python3-keyring.postinst /var/lib/dpkg/info/udev.postinst /var/lib/dpkg/info/grub-common.postinst /var/lib/dpkg/info/mtr-tiny.postinst /var/lib/dpkg/info/python3-launchpadlib.postinst /var/lib/dpkg/info/udisks2.postinst /var/lib/dpkg/info/grub-gfxpayload-lists.postinst /var/lib/dpkg/info/multipath-tools.postinst /var/lib/dpkg/info/python3-lazr.restfulclient.postinst /var/lib/dpkg/info/ufw.postinst /var/lib/dpkg/info/grub-pc.postinst /var/lib/dpkg/info/nano.postinst /var/lib/dpkg/info/python3-lazr.uri.postinst /var/lib/dpkg/info/unattended-upgrades.postinst /var/lib/dpkg/info/hdparm.postinst /var/lib/dpkg/info/needrestart.postinst /var/lib/dpkg/info/python3-lib2to3.postinst /var/lib/dpkg/info/update-notifier-common.postinst /var/lib/dpkg/info/ifupdown.postinst /var/lib/dpkg/info/netbase.postinst /var/lib/dpkg/info/python3-magic.postinst /var/lib/dpkg/info/upower.postinst /var/lib/dpkg/info/info.postinst /var/lib/dpkg/info/netcat-openbsd.postinst /var/lib/dpkg/info/python3-minimal.postinst /var/lib/dpkg/info/usb-modeswitch.postinst /var/lib/dpkg/info/initramfs-tools-core.postinst /var/lib/dpkg/info/networkd-dispatcher.postinst /var/lib/dpkg/info/python3-more-itertools.postinst /var/lib/dpkg/info/usbmuxd.postinst /var/lib/dpkg/info/initramfs-tools.postinst /var/lib/dpkg/info/nftables.postinst /var/lib/dpkg/info/python3-newt:amd64.postinst /var/lib/dpkg/info/usrmerge.postinst /var/lib/dpkg/info/install-info.postinst /var/lib/dpkg/info/ntfs-3g.postinst /var/lib/dpkg/info/python3-oauthlib.postinst /var/lib/dpkg/info/util-linux.postinst /var/lib/dpkg/info/intel-microcode.postinst /var/lib/dpkg/info/ntpdate.postinst /var/lib/dpkg/info/python3-openssl.postinst /var/lib/dpkg/info/uuid-runtime.postinst /var/lib/dpkg/info/iproute2.postinst /var/lib/dpkg/info/ntp.postinst /var/lib/dpkg/info/python3-pexpect.postinst /var/lib/dpkg/info/vim-common.postinst /var/lib/dpkg/info/iptables.postinst /var/lib/dpkg/info/open-iscsi.postinst /var/lib/dpkg/info/python3-pkg-resources.postinst /var/lib/dpkg/info/vim.postinst /var/lib/dpkg/info/iputils-ping.postinst /var/lib/dpkg/info/openssh-client.postinst /var/lib/dpkg/info/python3.postinst /var/lib/dpkg/info/vim-runtime.postinst /var/lib/dpkg/info/irqbalance.postinst /var/lib/dpkg/info/openssh-server.postinst /var/lib/dpkg/info/python3-problem-report.postinst /var/lib/dpkg/info/vim-tiny.postinst /var/lib/dpkg/info/isc-dhcp-client.postinst /var/lib/dpkg/info/openssl.postinst /var/lib/dpkg/info/python3-ptyprocess.postinst /var/lib/dpkg/info/wamerican.postinst /var/lib/dpkg/info/kbd.postinst /var/lib/dpkg/info/open-vm-tools.postinst /var/lib/dpkg/info/python3-pyasn1-modules.postinst /var/lib/dpkg/info/xdg-user-dirs.postinst /var/lib/dpkg/info/keeperx.postinst /var/lib/dpkg/info/overlayroot.postinst /var/lib/dpkg/info/python3-pyasn1.postinst /var/lib/dpkg/info/xfsprogs.postinst /var/lib/dpkg/info/keyboard-configuration.postinst /var/lib/dpkg/info/packagekit.postinst /var/lib/dpkg/info/python3-pyparsing.postinst /var/lib/dpkg/info/xz-utils.postinst /var/lib/dpkg/info/klibc-utils.postinst /var/lib/dpkg/info/passwd.postinst /var/lib/dpkg/info/python3-secretstorage.postinst /var/lib/dpkg/info/kmod.postinst /var/lib/dpkg/info/pciutils.postinst /var/lib/dpkg/info/python3-serial.postinst

Observe the log

The callback example seems to truncate the command line, but seems not affected by the garbage ending bytes. Example of random bytes found in the exeArgs string from sysflow callback when integrating libsysflow (observe the end):

-l reboot-required /var/lib/dpkg/info/adduser.postinst /var/lib/dpkg/info/ksh93u+m.postinst /var/lib/dpkg/info/perl-base.postinst /var/lib/dpkg/info/python3-service-identity.postinst /var/lib/dpkg/info/amd64-microcode.postinst /var/lib/dpkg/info/landscape-common.postinst /var/lib/dpkg/info/perl.postinst /var/lib/dpkg/info/python3-setuptools.postinst /var/lib/dpkg/info/apparmor.postinst /var/lib/dpkg/info/less.postinst /var/lib/dpkg/info/pinentry-curses.postinst /var/lib/dpkg/info/python3-six.postinst /var/lib/dpkg/info/apt.postinst /var/lib/dpkg/info/libc6:amd64.postinst /var/lib/dpkg/info/pkexec.postinst /var/lib/dpkg/info/python3-software-properties.postinst /var/lib/dpkg/info/autofs.postinst /var/lib/dpkg/info/libc-bin.postinst /var/lib/dpkg/info/plymouth.postinst /var/lib/dpkg/info/python3-systemd.postinst /var/lib/dpkg/info/base-files.postinst /var/lib/dpkg/info/libdebuginfod-common.postinst /var/lib/dpkg/info/plymouth-theme-ubuntu-text.postinst /var/lib/dpkg/info/python3-twisted.postinst /var/lib/dpkg/info/base-passwd.postinst /var/lib/dpkg/info/libglib2.0-0:amd64.postinst /var/lib/dpkg/info/policykit-1.postinst /var/lib/dpkg/info/python3-update-manager.postinst /var/lib/dpkg/info/bash-completion.postinst /var/lib/dpkg/info/libgssapi-krb5-2:amd64.postinst /var/lib/dpkg/info/polkitd.postinst /var/lib/dpkg/info/python3-wadllib.postinst /var/lib/dpkg/info/bash.postinst /var/lib/dpkg/info/libgstreamer1.0-0:amd64.postinst /var/lib/dpkg/info/pollinate.postinst /var/lib/dpkg/info/python3-xkit.postinst /var/lib/dpkg/info/bc.postinst /var/lib/dpkg/info/libnewt0.52:amd64.postinst /var/lib/dpkg/info/procps.postinst /var/lib/dpkg/info/python3-yaml.postinst /var/lib/dpkg/info/bolt.postinst /var/lib/dpkg/info/libnss-systemd:amd64.postinst /var/lib/dpkg/info/psmisc.postinst /var/lib/dpkg/info/python3-zipp.postinst /var/lib/dpkg/info/bsdextrautils.postinst /var/lib/dpkg/info/libpam0g:amd64.postinst /var/lib/dpkg/info/python3.10-minimal.postinst /var/lib/dpkg/info/python3-zope.interface.postinst /var/lib/dpkg/info/byobu.postinst /var/lib/dpkg/info/libpam-cap:amd64.postinst /var/lib/dpkg/info/python3.10.postinst /var/lib/dpkg/info/readline-common.postinst /var/lib/dpkg/info/ca-certificates.postinst /var/lib/dpkg/info/libpam-modules:amd64.postinst /var/lib/d4-

Expected behavior The command line is reported correctly, even truncated but without garbage bytes at the end.

Environment (please complete the following information):

OS: ubuntu 22.04, Linux ubuntu2204.localdomain 5.15.0-69-generic #76-Ubuntu SMP Fri Mar 17 17:19:29 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
SysFlow version: libsysflow 0.6.3 (/root/.falco/6.0.1+driver/x86_64/falco_ubuntu-generic_5.15.0-69-generic_76.o)

Additional context The problem causes sporadic program crashes when the string is decoded since sometimes the garbage bytes are not valid UTF-8 codes.

Jun 10 16:15:53 ubuntu2204.localdomain test[12486]: terminate called after throwing an instance of 'nlohmann::json_abi_v3_11_2::detail::type_error'
Jun 10 16:15:53 ubuntu2204.localdomain test[12486]:   what():  [json.exception.type_error.316] invalid UTF-8 byte at index 2300: 0x30

sysflow-telemetry / sysflow

Long command line is not reported correctly #131