fix: avoid printing confusing message when input contains special character

[ruitianzhong]

The following usage would printed out confusing message when user controlled input contains special character like "%s".

Query field is controlled by user and may contains special character.

s := fmt.Sprintf(fmt.Sprintf(" PID: %d, Comm: %s, Time: %d, Query: %s", pe.Pid, pe.Comm, pe.Timestamp, unix.ByteSliceToString((pe.Query[:]))))

Reproduce

run the following command in the terminal:

sudo ./ecapture bash

run the following command in another terminal:

 echo "SELECT * FROM Customers WHERE CustomerName LIKE 'a%'"

output:

bash_2024/02/29 11:26:21 PID:33569, UID:1000, 	Comm:bash, 	Retvalue:0, 	Line:
echo "SELECT * FROM Customers WHERE CustomerName LIKE 'a%!'(MISSING)"

[cfc4n]

Can you take a look at why golanglint did not detect the printf error?

https://github.com/gojue/ecapture/actions/runs/8090653564/job/22108477495?pr=495#step:6:22

[ruitianzhong]

There are multiple linters in golangci-lint, such as errcheck,staticcheck,etc. To detect the error in this Pull Request, staticcheck linters must be enabled.
While in go-c-cpp.yml:

args: --disable-all -E errcheck

It disables all linter and enable errcheck only(-E option).

To enable staticcheck linter, it can be changed to :

args: --disable-all -E errcheck -E staticcheck

I ran golanglint-ci on 286bdcf again, and get the following output:

user/config/config_gotls.go:101:3: SA4006: this value of `err` is never used (staticcheck)
                err = fmt.Errorf("unsupport CPU arch :%s", goElfArch)
                ^
user/config/config_gotls.go:159:2: SA4006: this value of `err` is never used (staticcheck)
        offsets, err = gc.decodeInstruction(instHex)
        ^
user/event/event_gotls.go:32:3: SA4006: this value of `err` is never used (staticcheck)
                err = binary.Read(r, binary.LittleEndian, &ge.Data)
                ^
pkg/util/ebpf/bpf_test.go:39:2: SA4006: this value of `m` is never used (staticcheck)
        m, e := GetSystemConfig()
        ^
user/event/event_bash.go:65:7: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
        s := fmt.Sprintf(fmt.Sprintf("PID:%d, UID:%d, \tComm:%s, \tRetvalue:%d, \tLine:\n%s", be.Pid, be.Uid, be.Comm, be.Retval, unix.ByteSliceToString((be.Line[:]))))
             ^
user/event/event_bash.go:70:7: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
        s := fmt.Sprintf(fmt.Sprintf("PID:%d, UID:%d, \tComm:%s, \tRetvalue:%d, \tLine:\n%s,", be.Pid, be.Uid, be.Comm, be.Retval, dumpByteSlice([]byte(unix.ByteSliceToString((be.Line[:]))), "")))
             ^
user/event/event_mysqld.go:110:7: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
        s := fmt.Sprintf(fmt.Sprintf(" PID:%d, Comm:%s, Time:%d,  length:(%d/%d),  return:%s, Line:%s", me.Pid, me.Comm, me.Timestamp, me.Len, me.Alllen, me.Retval, unix.ByteSliceToString((me.Query[:]))))

I verified through the GitHub Actions running on the code essentially only changed the configuration for workflow (i.e., add support for staticcheck only for Ubuntu 22.04 workflow which finally failed). links:https://github.com/ruitianzhong/ecapture/actions/runs/8094193279/job/22118377492#step:6:37

[ruitianzhong]

changes that do not change the program behavior

• enable staticcheck linter to detect the printf error.
• safely ignore err for kernel.HostVersion() because we have checked this in main function
• remove unused variable/empty branch to pass static check

changes that change the program behavior

• fix bug: correctly return err in user/config/config_gotls.go:101 and user/event/event_gotls.go:32

Finally, I want to mentioned the following code (previous) which is not obvious though :

var conf config.IConfig
	conf = goc
	if conf == nil {
	logger.Printf("ECAPTURE :: \tcant found module %s config info.", mod.Name())
		return
	}

conf is a concrete type and it is impossible to become nil for it. Instead we just check goc==nil first and have the other part unchanged. However, after checking goc,oc,gc and nc 's origin , it is found that they are seemmingly impossible to become nil.

Although the checks like goc==nil can be avoided, I still leave them intact. It's up to you to remove them safely with deeper understanding.

[cfc4n]

oops! The staticcheck configuration being turned off was my negligence.

good job, LGTM.