空字符可以在字符串中间传递给argv吗? [英] Can the null character to be passed to argv in the middle of a string?
问题描述
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main(int argc, char *argv[]) {
write(STDOUT_FILENO, argv[1], atoi(argv[2]));
return 0;
}
以下输出(在Ubuntu上的bash中运行)显示'xyz'未在argv中传递.我想确保这是操作系统的限制,而不是外壳的限制.因此,不可能在argv中的字符串中间传递一个空字符.有人可以确认吗?谢谢.
The following output (run in bash on Ubuntu) shows that 'xyz' is not passed in argv. I want to make sure that this is the limitation of the OS but not the shell. So it would not be possible to pass a null character in the middle of a string in argv. Could anybody confirm? Thanks.
$ ./main.exe $'abc\000xyz' 7 | xxd
00000000: 6162 6300 3700 53 abc.7.S
推荐答案
所有程序都是通过 exec
调用启动的,尽管已实现了操作系统,但让我们看看POSIX标准对
All program start by exec
calls, despite OS implementations, lets see what does POSIX standard says about exec
functions.
int execve(const char * path,char * const argv [],char * const envp []);
int execve(const char *path, char *const argv[], char *const envp[]);
argv
是传递给程序的参数, envp
是环境变量.
argv
are arguments passed to the program, envp
are environment variables.
argv和environ数组均由空指针终止.终止argv数组的空指针不在argc中.
The argv and environ arrays are each terminated by a null pointer. The null pointer terminating the argv array is not counted in argc.
参数argv是指向空终止字符串的字符指针数组.
The argument argv is an array of character pointers to null-terminated strings.
因此,很容易得出结论:
So, it is very easy to conclude:
- 空(零长度)字符串可以传递给
argv
-
NULL
字符串不能传递给argv,它将终止argv
,并丢弃以下所有参数. -
argv
中的任何字符串不能包含\ x0
字符,\ x0
将终止当前参数字符串.
- Empty (zero length) string can be passed to
argv
NULL
string can't be passed to argv, it will terminateargv
, and discard all following arguments.- any string in
argv
can't contain\x0
character,\x0
will terminate the current parameter string.
解释运行时发生的情况
python -c 'print "\x30\x00\x31"' | xargs --null prog
尝试:
python -c 'print "\x30\x00\x31"' | strace -f xargs --null echo
我们可以找到:
...
...
...
read(0, "0\0001\n", 4096) = 4
...
...
...
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f09f46d9850) = 21232
strace: Process 21232 attached
...
...
...
[pid 21232] execve("/bin/echo", ["echo", "0", "1\n"], 0x7ffe5ccd7638 /* 74 vars */ <unfinished ...>
它表明,在调用 prog
时, xargs
可能将包含 \ x0
的参数分成两个参数.不是由Shell完成,不是由OS,libc完成,而是 xargs
It shows that xargs
potentially separate argument containing \x0
into two arguments when calling prog
. Not done by shell, not done by OS, libc, but xargs
这篇关于空字符可以在字符串中间传递给argv吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!