This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.
Re: Arguments to execve
- From: Peter LaDow <petela at gocougs dot wsu dot edu>
- To: "Carlos O'Donell" <carlos at redhat dot com>
- Cc: libc-help at sourceware dot org
- Date: Tue, 11 Jun 2013 15:00:29 -0700
- Subject: Re: Arguments to execve
- References: <CAN8Q1Ed1KDrmjbSxd74XVQFWEUvbbpaq0dQFJ9OLPapgxf2pyw at mail dot gmail dot com> <51B78BCC dot 1020400 at redhat dot com> <CAN8Q1Ec31RbOSJZ-6wDkyE6+eD+HAsRPxzVUGYHuwXnx==QFXA at mail dot gmail dot com> <51B7925B dot 9060605 at redhat dot com> <CAN8Q1EfScfa2e03qZeUcFo5gzBrmfhmpErJn2FHnfM2H3rtWOw at mail dot gmail dot com> <51B79995 dot 7080903 at redhat dot com>

On Tue, Jun 11, 2013 at 2:41 PM, Carlos O'Donell <carlos@redhat.com> wrote:
> We *are* POSIX compliant, it's the application that is at fault,
> and undefined behaviour can be anything, including working correctly.
>
> You are asking for glibc to *prevent* the application from being
> non-compliant, at the cost of an extra check in the hot path of
> execve.

Initially, yes. But with the nonnull attribute, it isn't..

But fair enough, I get your point. POSIX doesn't require that EINVAL
be returned on a NULL pointer passed.

> You would break any build using gcc and -Werror, and that's equally
> complicated because it would require changing source.

True...

> We walk a fine line here, and a static analysis tool would do a much
> better job of catching this than forcing such a warning for a NULL
> envp which we all agree should really be allowed.

Funny you should mention it. That's exactly how we found this....

> Which leads one down the lengthy path of comparing UNIX
> implementations, and seeing if the POSIX text can actually be adjusted
> to allow envp being NULL as an alias for { NULL }.
>
> That would really be the right thing to attempt, that way the standard
> is updated based on common practice and we don't need to have this
> conversation again between two different people every 5 years.

I apologize if this has come up before. My search through the list
archives didn't bear any fruit related to execve. If it has, thanks
for being patient with me. :)

Thanks,
Pete
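
Added example, not part of the original message and not glibc code: a caller-side wrapper in C that applies the two behaviours discussed in this thread, treating a NULL envp as the empty vector { NULL } and failing with EINVAL on a NULL path or argv before execve() is reached. The names exec_args_normalize and checked_execve are hypothetical, and returning EINVAL is this example's own policy, which POSIX does not require.

```c
/* Added example: caller-side checks before execve(); names are hypothetical. */
#include <errno.h>
#include <stddef.h>
#include <unistd.h>

/* Empty environment vector: the "{ NULL }" that a NULL envp would alias. */
static char *const empty_envp[] = { NULL };

/*
 * Validate the arguments and normalise *envp in place.
 * Returns 0 if the arguments can be handed to execve(), or -1 with
 * errno = EINVAL (this wrapper's policy, not something POSIX requires).
 */
int exec_args_normalize(const char *path, char *const argv[],
                        char *const **envp)
{
    if (path == NULL || argv == NULL || envp == NULL) {
        errno = EINVAL;
        return -1;
    }
    if (*envp == NULL)
        *envp = empty_envp;   /* treat NULL as an empty environment */
    return 0;
}

/* Same signature as execve(); the checks run in the application, so the
 * library's execve() path carries no extra test. */
int checked_execve(const char *path, char *const argv[], char *const envp[])
{
    if (exec_args_normalize(path, argv, &envp) != 0)
        return -1;
    return execve(path, argv, envp);   /* returns only on failure */
}

int main(void)
{
    char *const argv[] = { "true", NULL };

    /* NULL envp is replaced by the empty vector before the real call. */
    checked_execve("/bin/true", argv, NULL);
    return 1;   /* reached only if execve() failed */
}
```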