Talk:cpp/language/main function

Security consideration concerning argv
The explanation section, at a glance, sort of gives the impression that argv[0] is always the program's name. This assumption led to the "PwnKit" privilege escalation vulnerability. The vulnerable code assumed argv[1] to be either the first command line argument or null, when in fact it can be past the end of the array if argc is zero. This led to exploitable out-of-bounds reads and writes.

This same issue exists in the C documentation page for the main function. Kumiponi (talk) 14:14, 12 April 2022 (PDT)