Description of problem:
execve() with NULL parameters causes segmentation fault.

Version-Release number of selected component (if applicable):
kernel 2.6.29.1-111.fc11.i686.PAE
glibc-2.9.90-22.i686

How reproducible:
100%

Steps to Reproduce:
1. Compile the program below and run it.
-----
#include <unistd.h>

int main(int argc, char *argv[])
{
        execve("/bin/true", NULL, NULL);
        return 0;
}
-----

Actual results:
Segmentation fault happens.

Expected results:
Prints nothing.

Additional info:

1) this is obviously invalid, POSIX says that both the argv and envp arguments to execve are arrays of character pointers, NULL is not an array of character pointers
2) the crash is in /bin/true, not in glibc:
(gdb) bt
#0 0x00007ffff7af12ea in strrchr () from /lib64/libc.so.6
#1 0x00000000004012fe in set_program_name (argv0=0x0) at progname.c:44
#2 0x0000000000401233 in main (argc=0, argv=0xffffffff) at true.c:58
set_program_name is a coreutils function and obviously calling strrchr with NULL argument segfaults.

Oh, I didn't know execve() does not accept NULL parameters. I thought NULL is acceptable because do_execve() (in kernel) checks for NULL parameters. Thank you.
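
The two sides of the crash discussed in this thread, as an added example that is not part of the original report or of coreutils: a caller that passes execve() valid NULL-terminated vectors, and a callee that derives its program name without assuming argv[0] exists (the argc=0 case in the backtrace). The names safe_program_name and exec_with_valid_vectors are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not the coreutils function): return the basename
 * of argv[0], or `fallback` when the caller supplied no usable argv[0].
 * Covers argc == 0, argv == NULL, argv[0] == NULL and an empty string,
 * so strrchr() is never handed a NULL pointer. */
static const char *safe_program_name(int argc, char *const argv[],
                                     const char *fallback)
{
    if (argc < 1 || argv == NULL || argv[0] == NULL || argv[0][0] == '\0')
        return fallback;

    const char *slash = strrchr(argv[0], '/');
    /* Keep the full string if there is nothing after the last slash. */
    return (slash != NULL && slash[1] != '\0') ? slash + 1 : argv[0];
}

/* Hypothetical wrapper: call execve() the way POSIX describes it, with
 * argv and envp as arrays of character pointers ending in NULL.
 * argv[0] is set to the path; the environment is deliberately empty.
 * Returns only if execve() fails (-1, errno set). */
static int exec_with_valid_vectors(const char *path)
{
    char *const argv[] = { (char *)path, NULL };
    char *const envp[] = { NULL };

    return execve(path, argv, envp);
}

int main(int argc, char *argv[])
{
    /* Safe even when this program itself is started with argc == 0. */
    printf("running as: %s\n", safe_program_name(argc, argv, "unknown"));
    fflush(stdout);

    exec_with_valid_vectors("/bin/true");
    perror("execve");   /* reached only when the exec failed */
    return 1;
}
```
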