C question

Taavi Burns jaaaarel-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Aug 15 15:26:04 UTC 2006 

execv doesn't behave quite the way you expect.  It doesn't want a list
of arguments concatenated together (you'd use the system() call if
that were the case; and it has its own problems if there are escape
characters embedded in any of the arguments).

execv() expects its first argument to be the path to the executable in
question (this is correct below).  It expects its second argument to
be a pointer to a NULL-terminated array of pointers...basically a
memory address where it can find an array of memory addresses (each of
which points at one argument).  After the last memory address in the
array, there should be one more pointer which is 0 (NULL) to indicate
the end of the list.

On 7/20/06, Madison Kelly <linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org> wrote:
> #include <stdio.h>
>
> #define REAL_PATH \
> "/home/digimer/projects/mizu-bu/releases/mizu-bu/cgi-bin/exec-priv.pl"
> main(int argc, char *argv[])
Should be "int main", as already pointed out.

> {
>          setuid(geteuid());
>          setgid(getegid());
>         var say;
>         say="Hello";
You don't need this at all.  What you do want:
char **myArgs = NULL;
/* This will allocate (and zero) enough memory for all of this
 * program's arguments, plus one null at the end
 */
myArgs = calloc( argc + 1, sizeof(char*) );
>
>         int i;
>         for (i=1; i<argc; i++ )
In my scheme, you want i to start at 0.
>         {
>                 printf("%s%s", argv[i], (i < argc-1) ? " " : "");
This line should be:
/* Make myArgs[i] point to its matching argv[i] */
myArgs[i] = &argv[i];
>         }
>         printf("\n");
>         printf("%s", say);
These two printf statements aren't relevant anymore. :)
> /*        execv(REAL_PATH, av);*/
Here you'd want to:
execv(REAL_PATH, myArgs);
> }
>
>    Thanks for any help!!

For future reference (in response to other messages in this thread),
don't use sprintf or strcat, only snprintf and strncat.  Buffer
overruns are far too common and avoidable.  :)

-- 
taa
/*eof*/
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list