This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH 1/3] posix: Remove dynamic memory allocation from execl{e,p}


On Thu, Feb 25, 2016 at 8:10 AM, Adhemerval Zanella
<adhemerval.zanella@linaro.org> wrote:
> On 25-02-2016 04:27, Paul Eggert wrote:
>>
>> With my "no arbitrary limits" hat on, I noticed that this has
>> undefined behavior if more than INT_MAX arguments are passed to execl.
>
> AFAIK the C standard defines the main entrypoint argc as signed int, so
> I think it is indeed undefined behaviour if you intend to call a program
> with more than INT_MAX arguments.

The C standard does indeed define main's first argument as signed int,
but I don't think that's a sufficient reason to allow exec* to exhibit
UB for too many arguments.  POSIX does *not* call this case out as UB.

I think detecting this situation and failing with errno==E2BIG would
be appropriate.  E2BIG is already specified as the error code for
exceeding ARG_MAX bytes of argument list + environment.

zw
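As an added illustration of the check proposed in the reply above (example code written for this page, not glibc's execl implementation), the hypothetical `execl_checked` wrapper below counts the variadic arguments with a `size_t`, refuses with `errno == E2BIG` when the count would not fit in the `int argc` that the new program's `main` receives, and only then builds `argv` and calls `execve`. The helper names `check_argc`, `count_va_args` and `count_execl_args` are assumptions for this example.

```c
#include <errno.h>
#include <limits.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

extern char **environ;

/* Hypothetical helper: reject argument counts that cannot be represented
   as the signed int argc the exec'd program's main() will receive.
   Fails with E2BIG, the error POSIX already uses for oversized argument
   lists, rather than letting an int counter silently overflow. */
int check_argc(size_t count)
{
    if (count > (size_t) INT_MAX) {
        errno = E2BIG;
        return -1;
    }
    return 0;
}

/* Count arg0 plus the NULL-terminated list of strings in ap_in.
   Works on a copy of the va_list so the caller can walk it again. */
static size_t count_va_args(const char *arg0, va_list ap_in)
{
    va_list ap;
    size_t count = 0;

    va_copy(ap, ap_in);
    for (const char *p = arg0; p != NULL; p = va_arg(ap, const char *))
        count++;
    va_end(ap);
    return count;
}

/* Variadic convenience wrapper around count_va_args (for callers/tests). */
size_t count_execl_args(const char *arg0, ...)
{
    va_list ap;
    va_start(ap, arg0);
    size_t n = count_va_args(arg0, ap);
    va_end(ap);
    return n;
}

/* Hypothetical execl-style function (not glibc's code). Returns -1 with
   errno set on failure; on success it does not return. */
int execl_checked(const char *path, const char *arg0, ...)
{
    va_list ap;
    va_start(ap, arg0);

    size_t argc = count_va_args(arg0, ap);
    if (check_argc(argc) != 0) {      /* sets errno = E2BIG */
        va_end(ap);
        return -1;
    }

    /* calloc() checks the (argc + 1) * sizeof(char *) multiplication for
       overflow itself, so no VLA/alloca of unbounded size on the stack. */
    char **argv = calloc(argc + 1, sizeof(char *));
    if (argv == NULL) {
        va_end(ap);
        return -1;                    /* errno = ENOMEM from calloc */
    }

    /* Second pass over the same list fills argv; argv[argc] stays NULL. */
    argv[0] = (char *) arg0;
    for (size_t i = 1; i < argc; i++)
        argv[i] = (char *) va_arg(ap, const char *);
    va_end(ap);

    execve(path, argv, environ);

    int saved_errno = errno;          /* only reached if execve failed */
    free(argv);
    errno = saved_errno;
    return -1;
}

int main(void)
{
    /* Constructed demo: replaces this process with /bin/echo if it exists. */
    if (execl_checked("/bin/echo", "echo", "hello", "from", "execl_checked",
                      (char *) 0) == -1)
        perror("execl_checked");
    return EXIT_FAILURE;
}
```

In practice an argument list with more than INT_MAX entries also exceeds the kernel's ARG_MAX byte limit, so execve would report E2BIG anyway; the point of the explicit check is that the library's own counter never overflows before that happens.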

