Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Are the arguments of a C program guaranteed to be '\0'-terminated?

About the arguments of main(), the 2011 C standard says (5.1.2.2.1:2):

If the value of argc is greater than zero, the array members argv[0] through argv[argc-1] inclusive shall contain pointers to strings, which are given implementation-defined values by the host environment prior to program startup.

Should the word “string” in this context be interpreted as “0-terminated string”, that is, a sequence of non-0 characters followed by a final '\0', or do/may some implementations pass arguments to programs differently?

On a POSIX platform, are the arguments of one of the exec* family of functions validated by the exec* function as pointers to well-formed strings (and how?), or should a setuid program refrain from assuming that it has been passed well-formed 0-terminated strings as arguments?

like image 465
Pascal Cuoq Avatar asked Feb 14 '23 01:02

Pascal Cuoq


1 Answers

Should the word “string” in this context be interpreted as “0-terminated string”, that is, a sequence of non-0 characters followed by a final '\0', or do/may some implementations pass arguments to programs differently?

7.1.1 defines a string:

A string is a contiguous sequence of characters terminated by and including the first null character.


Are the arguments of one of the exec* family of functions validated by the exec* function as pointers to well-formed strings (and how?).

The POSIX spec states that args to the exec family are null-terminated strings, and doesn't specify what happens if they aren't. Presumably it's undefined behaviour. This seems reasonable, because there's no reasonable way for the exec functions to validate that each argument is correctly null-terminated. (Although bear in mind that exec* must copy its arguments, as the address space is about to be swapped out.)

like image 135
Oliver Charlesworth Avatar answered Apr 28 '23 00:04

Oliver Charlesworth