Binaries have preset names when argv[0] is an empty string #12

New Issue

emma · 2023-12-25T22:06:20-07:00

emma commented

2023-12-25 22:06:20 -07:00

In some cases, it may be desirable for the argv[0] to be empty in usage. This is currently impossible.

In some cases, it may be desirable for the `argv[0]` to be empty in usage. This is currently impossible.

emma added the

bug

label 2023-12-25 22:06:20 -07:00

trinity was assigned by emma

2023-12-25 22:06:20 -07:00

trinity commented

2023-12-25 23:01:18 -07:00

Why would it be desirable to have argc == 0?

Some programs have a static char *program_name that is used for usage synopses in the event that they're invoked incorrectly. This is done with consideration for how the particular program functions, for instance, npc(1) doesn't have this because an empty argv would be fine as it only needs to process standard input and standard output. But utilities like str(1) and strcmp(1) do have this because arguments are necessary in order for them to have something to do; absent arguments are incorrect invocation and program_name exists to supply a decent placeholder name for the help text if argv[0] isn't set.

I'm not sure why this would be a problem.

Why would it be desirable to have `argc == 0`? Some programs have a `static char *program_name` that is used for usage synopses in the event that they're invoked incorrectly. This is done with consideration for how the particular program functions, for instance, npc(1) doesn't have this because an empty argv would be fine as it only needs to process standard input and standard output. But utilities like str(1) and strcmp(1) do have this because arguments are necessary in order for them to have something to do; absent arguments are incorrect invocation and `program_name` exists to supply a decent placeholder name for the help text if argv[0] isn't set. I'm not sure why this would be a problem.

emma commented

2023-12-26 11:08:21 -07:00

mostly because if you manage to remove argv[0] you probably meant to, and if you didn’t, it’s a symptom of a larger problem that should probably be reflected in output.

emma commented

2023-12-26 11:08:57 -07:00

i’m not in the business of preventing fun hacks of our tools, yknow :P

trinity commented

2023-12-26 13:52:05 -07:00

Hacks can be dangerous. Polkit famously had a root escalation vulnerability around assuming argc > 0. The choices are either to cope without argv[0] or do frightening things with envp which usually succeeds argv in memory.

I could basically change it to static char *program_name = "<no argv[0]>"; but I figured if argv[0] wasn't set my tools should still work fine as an oasis of functionality among everything else so obviously broken.

Hacks can be dangerous. [Polkit famously had a root escalation vulnerability around assuming `argc > 0`](https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034). The choices are either to cope without `argv[0]` or do frightening things with `envp` which usually succeeds `argv` in memory. I could basically change it to `static char *program_name = "<no argv[0]>";` but I figured if `argv[0]` wasn't set my tools should still work fine as an oasis of functionality among everything else so obviously broken.

silt was assigned by trinity

2023-12-26 13:52:15 -07:00

trinity commented

2023-12-26 13:52:55 -07:00

Tagged because you might have something to add, I think we've probably discussed argc==0 before.

Tagged because you might have something to add, I think we've probably discussed `argc==0` before.

emma added

wontfix

and removed

bug

labels 2024-01-23 15:01:43 -07:00

emma closed this issue