最近在看深入理解计算机系统,看到一个函数叫做execve(),这个函数很有意思,可以在一个进程插入另外一个进程执行,但是又不像fork()一样产生一个子进程,execve()插入的进程和原进程共享进程号,就好像执行这进程就像执行过程调用一般随意。
函数原型如下:
int execve(const char *filename, char *const argv[], char *const envp[]);
EXAMPLE The following program is designed to be execed by the second program below. It just echoes its command-line one per line. /* myecho.c */ #include <stdio.h> #include <stdlib.h> int main(int argc, char *argv[]) { int j; for (j = 0; j < argc; j++) printf("argv[%d]: %s\n", j, argv[j]); exit(EXIT_SUCCESS); } This program can be used to exec the program named in its command-line argument: /* execve.c */ #include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, char *argv[]) { char *newargv[] = { NULL, "hello", "world", NULL }; char *newenviron[] = { NULL }; if (argc != 2) { fprintf(stderr, "Usage: %s <file-to-exec>\n", argv[0]); exit(EXIT_FAILURE); } newargv[0] = argv[1]; execve(argv[1], newargv, newenviron); perror("execve"); /* execve() only returns on error */ exit(EXIT_FAILURE); } We can use the second program to exec the first as follows: $ cc myecho.c -o myecho $ cc execve.c -o execve $ ./execve ./myecho argv[0]: ./myecho argv[1]: hello argv[2]: world
插入一个shell脚本执行:
#include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, char *argv[]) { char *newargv[] = { "/etc" }; char *newenviron[] = { NULL }; if (argc != 2) { fprintf(stderr, "Usage: %s <file-to-exec>\n", argv[0]); exit(EXIT_FAILURE); } newargv[0] = argv[1]; execve(argv[1], newargv, newenviron); perror("execve"); /* execve() only returns on error */ exit(EXIT_FAILURE); }
script.sh如下:
#!/bin/bash ls
执行:
./execve ./script.sh
会在当前终端下输出所有的文件
yca@ubuntu:~/桌面/hello$ ./execve ./script.sh 1 execve hello1 hello3 hello5 hello_lex 1.txt execve.c hello1.c hello3.cpp hello5.c k_max Bubble hello hello1.o hello3.o hello5.o k_max.c Bubble.c hello.c hello2.c hello3.s hello5.s lex.yy.c QuickSort.c hello.lex hello2.o hello4 hello5.s1 script.sh Quicksort1.c hello.sh hello2.s hello4.c hello51.s
很好很强大~~