Path: csiph.com!eternal-september.org!feeder.eternal-september.org!nntp.eternal-september.org!.POSTED!not-for-mail From: Keith Thompson Newsgroups: comp.lang.c Subject: Re: srand(0) Date: Tue, 30 Dec 2025 19:35:12 -0800 Organization: None to speak of Lines: 57 Message-ID: <87jyy3wcgf.fsf@example.invalid> References: <10ib0ka$3cgil$1@dont-email.me> <10icocl$3u4ua$1@dont-email.me> <10idg5m$3k87$3@dont-email.me> <20251224105114.0000714b@yahoo.com> <10ih0qo$13hnn$2@dont-email.me> <20251224174452.00003278@yahoo.com> <10ih3lu$13hnn$5@dont-email.me> <10ih5r2$25ihh$5@dont-email.me> <10iiell$1kfhj$1@dont-email.me> <10iirh8$25ihh$6@dont-email.me> <10ilfqp$2fs21$1@dont-email.me> <10ivq6b$1j8r3$1@dont-email.me> <10j206j$27s3j$1@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain Injection-Date: Wed, 31 Dec 2025 03:35:14 +0000 (UTC) Injection-Info: dont-email.me; posting-host="eea1bd566f7c70dcb85fabb9ef2f06cf"; logging-data="2415548"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18f8UW1MR56SZbuj2JzxB8K" User-Agent: Gnus/5.13 (Gnus v5.13) Cancel-Lock: sha1:fjaBxRg6SlOoS0XA+mikvclXq/g= sha1:UR4VcsFrAxth5JAFzeusK54w/HY= Xref: csiph.com comp.lang.c:396023 Michael Sanders writes: > On Tue, 30 Dec 2025 18:42:30 GMT, Scott Lurndal wrote: >> What if 'argv[0]' is NULL (and argc == 0)? > > Well, seems we have to make a choice, ISO vs. POSIX: > > *ISO C (C17 / C23)*: > > C17, 5.1.2.2.1 "Program startup" > > The value of argc shall be nonnegative. > > argv[argc] shall be a null pointer. [...] > *POSIX.1-2017 (and later)* > > POSIX execve() specification: > > The argument argv is an array of character pointers > to null-terminated strings. > > The application shall ensure that argv[0] points to a filename > string that is associated with the process being started. [...] > What say you? It happens that I recently spent some time looking into this. As you say, POSIX requires argc >= 1, but ISO C only guarantees argc >= 0. If argc == 0, a program that assumes argv[0] is non-null can run into serious problems if that assumption is invalid. In particular, a program called "pkexec" would try to traverse arguments starting with argv[1], which logically doesn't exist if argc==0. Due to the way program arguments are laid out in memory, argv[1] is also envp[0]. Frivolity ensued. See . The Linux kernel updated execve to ensure that the invoked program has argc>=1. It was patched in early 2022. NetBSD still has this vulnerability. Summary: Some systems guarantee that argc>=1 and argv[0] points to a valid string, but software that's intended to be portable should tolerate argc==0 and argv[0]==NULL. For more information, see . -- Keith Thompson (The_Other_Keith) Keith.S.Thompson+u@gmail.com void Void(void) { Void(); } /* The recursive call of the void */