fakedad fakedad - 22 days ago 7
C Question

Getting "Syscall param execve(argv) points to unaddressable byte(s)" in valgrind

Running the following C program with valgrind --leak-check=yes results in valgrind giving an output indicating that

Syscall param execve(argv) points to unaddressable byte(s)


The program is as follows:

    #include <stdlib.h>
    #include <sys/wait.h>
    #include <unistd.h>

    int main() {
        const int NUM_ARGS = 3;
        char** run_arguments = malloc(sizeof(char*)*NUM_ARGS);
        run_arguments[0] = "ls";
        run_arguments[1] = "-l";
        run_arguments[2] = "--color";
        char* full_path = "/bin/ls";
        int pid = fork();
        if (pid == 0)
            /* child: replace the process image with ls */
            execv(full_path,run_arguments);
        else {
            /* parent: wait for the child, then release the array */
            int status;
            waitpid(pid,&status,WUNTRACED);
            free(run_arguments);
        }
        return 0;
    }


According to valgrind, the problem occurs on the line execv(full_path,run_arguments); and the problem originates from the malloc done on the line char** run_arguments = malloc(sizeof(char*)*NUM_ARGS);

What mistake have I made that causes valgrind to give this output?

Answer

The argument list must be terminated by a NULL pointer. Add one element to the run_arguments array, and have it be a NULL pointer.

Without the null pointer argument, the exec functions will go out of bounds in their search for the terminator, and will treat every non-null element as an argument that should be passed to the program. That leads to undefined behavior.

This is clearly noted in the exec manual page.
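
The fix the answer describes, as an added example that is not part of the original post: the array gets one extra slot holding NULL, so execv stops scanning inside the allocation. The helper names make_argv and run_and_wait are hypothetical, chosen for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Copy n argument pointers into a new array with one extra slot for the
 * NULL terminator that execv() scans for. Returns NULL on allocation failure. */
char **make_argv(const char *const *args, size_t n)
{
    char **argv = calloc(n + 1, sizeof *argv);   /* n args + terminator */
    if (argv == NULL)
        return NULL;
    for (size_t i = 0; i < n; i++)
        argv[i] = (char *)args[i];
    argv[n] = NULL;   /* explicit terminator, not left to calloc's zero fill */
    return argv;
}

/* Fork, exec path with argv in the child, and return the child's exit
 * status, or -1 if fork/wait failed or the child did not exit normally. */
int run_and_wait(const char *path, char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(path, argv);
        _exit(127);   /* only reached if execv itself failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Same arguments as the program in the question. */
    const char *const args[] = { "ls", "-l", "--color" };
    char **argv = make_argv(args, 3);
    if (argv == NULL)
        return 1;
    int rc = run_and_wait("/bin/ls", argv);
    free(argv);
    return rc < 0 ? 1 : rc;
}
```

Run under valgrind --leak-check=yes, this version gives execv an argv whose terminator lies inside the malloc'd block, which is the condition the "unaddressable byte(s)" message was reporting as missing.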