Re: kern/56673: don't allow execve with NULL argv

[Robert Elz <kre%munnari.OZ.AU@localhost>]

The following reply was made to PR kern/56673; it has been noted by GNATS.

From: Robert Elz <kre%munnari.OZ.AU@localhost>
To: Joerg Sonnenberger <joerg%bec.de@localhost>
Cc: gnats-bugs%netbsd.org@localhost, kern-bug-people%netbsd.org@localhost, jschauma%netmeister.org@localhost
Subject: Re: kern/56673: don't allow execve with NULL argv
Date: Mon, 31 Jan 2022 17:09:33 +0700

     Date:        Mon, 31 Jan 2022 01:43:17 +0100
     From:        Joerg Sonnenberger <joerg%bec.de@localhost>
     Message-ID:  <YfcwpZ/g7ltS0Y6t%bec.de@localhost>
 
   | Am Sun, Jan 30, 2022 at 11:55:02PM +0000 schrieb matthew green:
   | >  i'm open to a sysctl to enable the existing usage for
   | >  anyone that absolutely needs it.
   |
   | That would defeat the purpose, wouldn't it?
 
 I agree.  Whatever finally happens, if anything, making it tunable
 helps no-one.
 
 The question is whether we're going to start pandering to broken
 apps which assume argc > 0, and if that, what else?
 My guess would be that such apps also assume that **argv != '\0',
 so should that be an error as well?
 
 Or should we just fix anything we find that is broken?  That is
 what we did (do) with apps that reference *NULL - or should we
 also go back to making that work?
 
 I doubt fixing breakage here would be very hard, finding refs
 to refs of argv[0] isn't all that difficult.   This also is not
 urgent, I'm not aware af anything that calls any of the exec()
 functions without giving a value for argv[0] - is anyone?
 
 kre
 
 ps: if you really want to have the kernel prevent any bugs
 from occurring in any application code - that's trivial to
 accomplish.  Simply have the exec() sys call simply return
 EINVAL in all cases.  No more bugs in user code.  Just don't
 do that in the kernel I run, I like my application bugs...