7

I developed many years in C and only now discovered that a program can execute code prior to main() function. Here is a code example

int generateNum(){ // Some malicious code here... return 5; } static int someArray[] = {generateNum(),generateNum()} int main(){ // Some code here... }

The function generateNum() is called twice before main().

My questions are

  1. Who calls generateNum()? I know that on Windows it is crtexe()
  2. Is this behavior standardized on different platforms: Windows/Linux/Android/iOS?
  3. How can I get more information about this behavior? I want to search in Google, but I don't know how to describe it.
  4. Can I do anything I want inside the generateNum()? I mean, can I call malloc()? What about fopen() and fwrite()? Can I open a socket and send information over UDP? Eventually I can abuse this function and even call to main() from it :-)
Improve this question
13
  • 7
    static objects are initialized before main is entered, as per the standard (C++ standard as far as I am certain, but I think C as well). Commented Nov 26, 2013 at 13:43
  • In fact, dummy statics can be used to invoke certain code from their constructors before main is entered. Commented Nov 26, 2013 at 13:46
  • 2
    The caveat is that you don't know in which order initialization is performed. It can even change between compiles on the same machine, depending on the link order, object file layout and the phase of the moon. Commented Nov 26, 2013 at 13:53
  • 3
    "C/C++" is not a language. -1 for a fictituous question that makes no sense. Commented Nov 26, 2013 at 13:55
  • 3
    This code is not valid C. In that language global initialisers have to be constant, so main is the first user-provided code to be executed. Commented Nov 26, 2013 at 13:57

2 Answers 2

Reset to default
7
  1. C++ guarantees that such initialisations take place before main. This can be taken care of by the operating system loader/linker, or by some special module linked against the object file that contained main. For gcc, this is described here: http://gcc.gnu.org/onlinedocs/gccint/Initialization.html
  2. Not quite. C++11, 3.6.2.4 (basic.start.init): It is implementation-defined whether the dynamic initialization of a non-local variable with static storage duration is done before the first statement of main. Note that initialization takes place before you can ever access that value, though, especially before there is any notion of reference to an entity in the same compilation unit.
  3. [basic.start.init] in the language standard is what you want to have a look at. The behaviour here is dynamic initialization for variables with static storage duration.
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Can I call malloc() from initialization function? What about fopen() and fwrite()? Can I open a socket and send information over UDP?
@DanielHsH, no to all of the things you mentioned.
P.s., I just tried malloc() and it works on windows and linux.
@DanielHsH, I would expect it to work (since many container classes that you may want to use will use dynamic memory allocation), but I don't know-- C++ has many rules and exceptions. However: Since we're talking about a C++ exclusive feature here, you don't want to use malloc(); instead, use new and new[] unless you have a very good reason not to (e.g., interfacing with C code that does free).
7

A program shall contain a global function called main, which is the designated start of the program.

It doesn't say that no code executes before main is called. Full quote:

3.6.1 Main function [basic.start.main]

1 A program shall contain a global function called main, which is the designated start of the program. It is implementation-defined whether a program in a freestanding environment is required to define a main function. [Note: in a freestanding environment, start-up and termination is implementation-defined; start-up contains the execution of constructors for objects of namespace scope with static storage duration; termination contains the execution of destructors for objects with static storage duration. ]

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.