Asking about execv() in os_exec()

Jouni Malinen j
Thu Aug 6 01:47:45 PDT 2015


On Thu, Aug 06, 2015 at 05:14:12AM +0000, ??? wrote:
> The commands are like below.
> =>
>            : 
> Executing wpa_cli -ip2p0 -g at android:wpa_wlan0 -p/data/misc/wifi/sockets -a/data/sbin/cli-action.sh &
> Executing wpa_cli -ip2p0 -g at android:wpa_wlan0 -p/data/misc/wifi/sockets p2p_connect 02:03:7f:10:4e:fd 12345670 display freq=2442 > /data/misc/wifi/cli_status
> execv: Exec format error

What are the two very first bytes on the /data/sbin/cli-action.sh?

"Exec format error" is reported if they are not "#!" (followed by the
interpreter) in case you are trying to execute a shell script rather
than a binary executable.

> Chip vendor put the "cli-action.sh" file into /data/sbin before testing (adb push cli-action.sh /data/sbin/) and run it by using above command.
> They said the 'path' , the 1st argument of execv(), is just path without file name
> and the action file name should be inputted in 'argv[0]' , the 2nd argument, if we use execv().

That's an interesting, but incorrect, claim. execv() is documented with:
"The initial argument for these functions is the name of a file that is
to be executed."

argv[0] does not really play any part in selecting which file to
execute. In other words, even something like this runs /tmp/real-prog:

    char *arg[2];

    arg[0] = "something-that-does-not-exist";
    arg[1] = NULL;

    if (execv("/tmp/real-prog", arg) < 0)
        perror("execv");

while this won't:

    arg[0] = "real-prog"; //either this
    arg[0] = "/tmp/real-prog"; //or this
    arg[1] = NULL;

    if (execv("/tmp", arg) < 0)
        perror("execv");

(that will report "Permission denied" since /tmp is a directory and not
something that can be executed)

> And they said the execvp() , execve() can search the action file from PATH variable and run it if the path is not in the arguments.

That is correct. However, execve() will still not help if the action
script is a shell script that does not start with "#!". execve() will
report that exact same "Exec format error" with such a file.
Interestingly, execvp() does actually run the script.

So yes, it would be possible to replace execv() with execvp() and get a
shell script executed without the proper interpreter line in the
beginning. However, I don't think it is a good idea to do so in this
type of case, i.e., it is safer to require full path to both the
program to execute and the interpreter to be specified.

You should be able to make this work by editing /data/sbin/cli-action.sh
to start with this line:
#!/system/bin/sh

And no empty line or comments, etc., before that; if the editor adds
UTF-8 BOM or some other extra characters in the beginning, it may be
necessary to remove those as well.

-- 
Jouni Malinen                                            PGP id EFC895FA
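
Added example (not part of the original message and not hostap code): a
small C check for the points above. It classifies the first bytes of an
action script ("#!", "#!" hidden behind a UTF-8 BOM, or missing) and runs
execv() in a child with a bogus argv[0] to show which errno comes back.
The function names are assumptions made for illustration; the default path
in main() is the one from this thread.

```c
/* Added example, not hostap code; function names are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

enum hdr { HDR_OK, HDR_BOM, HDR_MISSING, HDR_UNREADABLE };

/* Only a literal "#!" at offset 0 makes the kernel pick an interpreter. */
enum hdr check_script_header(const char *path)
{
    unsigned char b[5] = { 0 };
    int fd = open(path, O_RDONLY);
    ssize_t n;
    if (fd < 0)
        return HDR_UNREADABLE;
    n = read(fd, b, sizeof(b));
    close(fd);
    if (n >= 2 && b[0] == '#' && b[1] == '!')
        return HDR_OK;
    if (n >= 5 && memcmp(b, "\xEF\xBB\xBF#!", 5) == 0)
        return HDR_BOM; /* UTF-8 BOM in front of the "#!" */
    return HDR_MISSING;
}

/* execv() the path in a child with a bogus argv[0]. Returns the child's exit
 * status: 0 if the file ran and exited 0, or the errno of a failed execv(). */
int execv_errno(const char *path)
{
    char *arg[2] = { "something-that-does-not-exist", NULL };
    int status = 0;
    pid_t pid = fork();
    if (pid == 0) {
        execv(path, arg);
        _exit(errno); /* reached only when execv() failed */
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv)
{
    const char *p = argc > 1 ? argv[1] : "/data/sbin/cli-action.sh";
    printf("%s: header class %d; execv() of a directory: %s\n",
           p, check_script_header(p), strerror(execv_errno(".")));
    return 0;
}
```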


