Menu
I was wandering in SO and saw this question. Then I started wondering if I can overflow argc.
Standard says that argv[argc] must be a null pointer but this will be false if argc overflow.
(I wrote a small C program and a python script to test it but got a MemoryError.)
Thanks!
Rationale for International Standard — Programming Languages — C §5.1.2.2.1 Program startup
The specification of
argcandargvas arguments tomainrecognizes extensive prior practice.argv[argc]is required to be a null pointer to provide a redundant check for the end of the list, also on the basis of common practice.
868
c. As you can see, the first argument ( argv[0] ) is the name by which the program was called, in this case gcc . Thus, there will always be at least one argument to a program, and argc will always be at least 1.
Yes, it can be zero, meaning that argv[0] == NULL . It's a convention that argv[0] is the name of the program.
The integer, argc is the ARGument Count (hence argc). It is the number of arguments passed into the program from the command line, including the name of the program. The array of character pointers is the listing of all the arguments. argv[0] is the name of the program, or an empty string if the name is not available.
Yes, argv[argc] is guaranteed to be a null pointer.
So, from your quote:
argv[argc]is required to be a null pointer
Therefore, argc cannot overflow, because then the above statement would not be true.
In practice, the total size of the arguments passed to a program is limited.
On my Linux/x64 system:
$ getconf ARG_MAX 2097152
Therefore, the total argument size is about 2 megabytes, and argc cannot overflow. I believe this limit measures a combination of the total data in argv and the environment. If you exceed this limit when you try to run a command, exec() will fail with E2BIG. From man 2 execve:
E2BIG The total number of bytes in the environment (envp) and argument list (argv) is too large.
I believe the ~2 megabyte limit on my system is relatively generous compared to other systems. My OS X system reports a limit of ~260KB.
ARG_MAX were really big?Okay, let's suppose you're on an old/weird system, so int is 16 bits, and ARG_MAX is well over 215, which is otherwise quite reasonable. Now, suppose you invoke execve() with more than 215 arguments. The implementation has two options.
It can allow argc to overflow... basically, throwing away your data, ensuring that the program you're running executes in some unexpected and probably erroneous manner, and violating the C standard. Worst of all, the error is silent, so you might never know.
Or, it can simply return EOVERFLOW from execve(), informing you that it simply can't run an image with that many parameters. Now, the POSIX / SUS standards don't mention anything about this error result... but, I suspect this is simply because the standard writers never expected ARG_MAX to be larger than INT_MAX.
Option #2 is the only reasonable option. If your system somehow chooses option #1, then it is broken and you should file a bug report.
Alternatively, you could be trying to run an old program compiled for a 16-bit system, but you're running it through some kind of emulator or compatibility layer. I'd expect that the emulator or compatibility layer would give an error message if you tried to pass more than 215 parameters to a program.
97
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
