```
25-01-03 18:34:41 volatility3.cli DEBUG Traceback (most recent call last):
  File "/home/ub/volatility3/volatility3/cli/__init__.py", line 501, in run
    renderer.render(grid)
  File "/home/ub/volatility3/volatility3/cli/text_renderer.py", line 232, in render
    grid.populate(visitor, outfd)
  File "/home/ub/volatility3/volatility3/framework/renderers/__init__.py", line 240, in populate
    for level, item in self._generator:
  File "/home/ub/volatility3/volatility3/framework/plugins/linux/sockstat.py", line 601, in _generator
    for (
  File "/home/ub/volatility3/volatility3/framework/plugins/linux/sockstat.py", line 538, in list_sockets
    sock_type = sock.get_type()
                ^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/symbols/linux/extensions/__init__.py", line 1781, in get_type
    return linux_constants.SOCK_TYPES.get(self.sk_type, "")
                                          ^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/objects/__init__.py", line 961, in __getattr__
    member = template(context=self._context, object_info=object_info)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/objects/templates.py", line 96, in __call__
    return self.vol.object_class(
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/objects/__init__.py", line 168, in __new__
    value = cls._unmarshall(context, data_format, object_info)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/objects/__init__.py", line 202, in _unmarshall
    data = context.layers.read(
           ^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/interfaces/layers.py", line 635, in read
    return self[layer].read(offset, length, pad)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/layers/linear.py", line 45, in read
    for offset, _, mapped_offset, mapped_length, layer in self.mapping(
  File "/home/ub/volatility3/volatility3/framework/layers/intel.py", line 302, in mapping
    for offset, size, mapped_offset, mapped_size, map_layer in self._mapping(
  File "/home/ub/volatility3/volatility3/framework/layers/intel.py", line 358, in _mapping
    chunk_offset, page_size, layer_name = self._translate(offset)
                                          ^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ub/volatility3/volatility3/framework/layers/intel.py", line 166, in _translate
    raise exceptions.PagedInvalidAddressException(
volatility3.framework.exceptions.PagedInvalidAddressException: Page Fault at entry 0xcccccccccccccccc in page entry
```
Sample: broken_mount_enumeration_ubuntu_22_04_x64.zip
Plugin: linux.sockstat.Sockstat
@gcmoreira this code path has numerous issues and is a good one for you to debug the member / pointer access.
`get_inode` regardless so we remove raw accesses to `d_inode`: https://github.com/volatilityfoundation/volatility3/blob/develop/volatility3/framework/plugins/linux/sockstat.py#L524
https://github.com/volatilityfoundation/volatility3/blob/develop/volatility3/framework/plugins/linux/sockstat.py#L536
`instance.<pointer member>.member`, which will cause a backtrace if `nsproxy` is invalid: https://github.com/volatilityfoundation/volatility3/blob/develop/volatility3/framework/plugins/linux/sockstat.py#L549
This is the same root cause as #1523, where accessing through `nsproxy` does cause a backtrace. My current view (mentioned in the ticket before this one) is that we should make as many `get_<member>` accessors as possible for pointer members to avoid the try/except all over the plugins while still respecting the invalid address exception.
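
The accessor pattern argued for above, as an added example that is not part of the original issue and is not Volatility 3 code. `Layer`, `Socket`, `raw_sk_type`, the struct layout and the trimmed `SOCK_TYPES` table are hypothetical, and returning `None` for an unreadable pointer target is an assumption of this example.

```python
# Toy model, constructed for illustration; none of this is Volatility 3 code.
import struct
from typing import Dict, Iterator, List, Optional, Tuple

class InvalidAddressException(Exception):
    """Stand-in for the framework's invalid-address exception."""

class Layer:
    def __init__(self, pages: Dict[int, bytes]):
        self.pages = pages  # base address -> bytes mapped there

    def is_valid(self, addr: int, length: int) -> bool:
        return any(b <= addr and addr + length <= b + len(d) for b, d in self.pages.items())

    def read(self, addr: int, length: int) -> bytes:
        for base, data in self.pages.items():
            if base <= addr and addr + length <= base + len(data):
                return data[addr - base:addr - base + length]
        raise InvalidAddressException(f"Page Fault at entry {addr:#x}")

SOCK_TYPES = {1: "STREAM", 2: "DGRAM"}  # trimmed, constructed table

class Socket:
    """Hypothetical layout: u64 pointer `sk` at +0; sk->sk_type is a u16 at +0."""

    def __init__(self, layer: Layer, offset: int):
        self.layer, self.offset = layer, offset

    def raw_sk_type(self) -> int:
        # Like instance.<pointer member>.member: follows sk with no check.
        (sk,) = struct.unpack("<Q", self.layer.read(self.offset, 8))
        return struct.unpack("<H", self.layer.read(sk, 2))[0]

    def get_type(self) -> Optional[str]:
        # The accessor owns the pointer check; None means target not readable.
        (sk,) = struct.unpack("<Q", self.layer.read(self.offset, 8))
        if not self.layer.is_valid(sk, 2):
            return None
        return SOCK_TYPES.get(self.raw_sk_type(), "")

def list_sockets(layer: Layer, offsets: List[int]) -> Iterator[Tuple[int, str]]:
    for off in offsets:  # the plugin loop carries no try/except
        sock_type = Socket(layer, off).get_type()
        if sock_type is not None:
            yield off, sock_type

# Constructed sample: the socket at 0x1000 is intact, the one at 0x1008 is smeared.
SAMPLE = Layer({0x1000: struct.pack("<QQ", 0x2000, 0xCCCCCCCCCCCCCCCC),
                0x2000: struct.pack("<H", 1)})
```

`list(list_sockets(SAMPLE, [0x1000, 0x1008]))` yields only the intact socket, while `Socket(SAMPLE, 0x1008).raw_sk_type()` raises the same kind of page-fault exception seen in the traceback.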