/*
 *
 * Copyright (C) Jiri Kosina, 2006
 *
 * Funny ugly thing I have written when reading a question in
 * comp.os.linux.development.system, regarding the possibility
 * to access the argv[] array even if the main() function is
 * missing proper arguments in it's prototype.
 *
 * Works for me even on systems with randomized stack. Maybe you'll
 * have to tune it if you have stack bigger than 2 pages or your
 * glibc/dynamic linker has different #defines from mine
 *
 */

#include <stdlib.h>

/* for two-pages stack */
#define STACK_MASK 0xffffe000

int main()
{
	int *stack;
	int stack_i;
	int addr = 3;
	int found = 0;
	int stack_mask;

	__asm__("movl   %%esp, %0" : : "m" (stack_i));
	stack_i &= STACK_MASK;
	stack_i+=2*4096-4;
	stack = (int *)stack_i;

	printf("stack pointer: %p\n", stack);
	
	while(!found){
		/* ugly. rely on the dynamic linker's header just after
		 * the last pointer of **envp. should be pretty reliable
		 * though
		 */
		if (*stack == 0x20 && *(stack-1) == 0x0)
			found = 1;
		else
			stack--;
	}
	stack--;
	/* now at the end of envp */
	printf("envp at %p\n", stack);
	stack--;
	/* now we can get the stack two-pages mask by masking the contents */
	stack_mask = *stack & STACK_MASK;
	while(*stack)
		stack--;
	/* now at the beginning of envp */
	stack--;
	/* now at the end of argv */
	printf("\nargv follows\n============\n");
	while(((int)*stack & STACK_MASK) == stack_mask) {
		printf("%s\n", *(char**)stack);
		stack--;
	}
	
}