About the arguments of main()
, the 2011 C standard says (5.1.2.2.1:2):
If the value of argc is greater than zero, the array members argv[0] through argv[argc-1] inclusive shall contain pointers to strings, which are given implementation-defined values by the host environment prior to program startup.
Should the word “string” in this context be interpreted as “0-terminated string”, that is, a sequence of non-0 characters followed by a final '\0', or do/may some implementations pass arguments to programs differently?
On a POSIX platform, are the arguments of one of the exec*
family of functions validated by the exec*
function as pointers to well-formed strings (and how?), or should a setuid program refrain from assuming that it has been passed well-formed 0-terminated strings as arguments?
Should the word “string” in this context be interpreted as “0-terminated string”, that is, a sequence of non-0 characters followed by a final '\0', or do/may some implementations pass arguments to programs differently?
7.1.1 defines a string:
A string is a contiguous sequence of characters terminated by and including the first null character.
Are the arguments of one of the exec* family of functions validated by the exec* function as pointers to well-formed strings (and how?).
The POSIX spec states that args to the exec
family are null-terminated strings, and doesn't specify what happens if they aren't. Presumably it's undefined behaviour. This seems reasonable, because there's no reasonable way for the exec
functions to validate that each argument is correctly null-terminated. (Although bear in mind that exec*
must copy its arguments, as the address space is about to be swapped out.)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With