|
The null character (also null terminator) is a character with the value zero, present in the ASCII and Unicode character sets, and available in nearly all mainstream programming languages. The original meaning of this character was like NOP — when sent to a printer or a terminal, it does nothing (some terminals, however, incorrectly display it as space). On punched tapes, this character is represented with no holes at all, so a new unpunched tape is initially filled with null characters. Image File history File links Broom_icon. ...
Image:ASCII fullsvg There are 95 printable ASCII characters, numbered 32 to 126. ...
Unicode is an industry standard designed to allow text and symbols from all of the writing systems of the world to be consistently represented and manipulated by computers. ...
A programming language is an artificial language that can be used to control the behavior of a machine, particularly a computer. ...
NOP or NOOP (short for No OPeration) is an assembly language instruction, sequence of programming language statements, or computer protocol command that does nothing at all (besides wasting clock cycles). ...
This does not cite any references or sources. ...
A computer terminal is an electronic or electromechanical hardware device that is used for entering data into, and displaying data from, a computer or a computing system. ...
A space is a punctuation convention for providing interword separation in some scripts, including the Latin, Greek, Cyrillic, and Arabic. ...
A roll of punched tape Punched tape is an old-fashioned form of data storage, consisting of a long strip of paper in which holes are punched to store data. ...
On many computer and data terminal keyboards, it was possible to type a null character by holding down the Control key and pressing "@" (which usually required also holding Shift and pressing another key such as "2" or "P"). Consequently, in some contexts, the null character is represented visually as "^@". In other contexts, it is represented as a subscript, single-em-width "NUL". In Unicode, there is a character for visual representation of null character, "symbol for null", U+2400 (␀) — not to be confused with the actual null character, U+0000. An em is a unit of measurement in the field of typography, equal to the pt size of the current font. ...
Unicode is an industry standard designed to allow text and symbols from all of the writing systems of the world to be consistently represented and manipulated by computers. ...
The character has special significance in C and its derivatives, where it serves as a reserved character used to signify the end of strings. The null character is often represented as '0' in source code (in reality an octal escape sequence). Strings ending in a null character are said to be null-terminated. C is a general-purpose, block structured, procedural, imperative computer programming language developed in 1972 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system. ...
In various branches of mathematics and computer science, strings are sequences of various simple objects (symbols, tokens, characters, etc. ...
Source code (commonly just source or code) is any series of statements written in some human-readable computer programming language. ...
The octal numeral system, or oct for short, is the base-8 number system, and uses the digits 0 to 7. ...
To meet Wikipedias quality standards, this article or section may require cleanup. ...
This differs from certain other languages (such as Pascal) which store a string as an array preceded by a string length. The main advantage of using a null character is that strings can be of any length, and only one character of additional storage is required. Null-terminated strings can also have efficiency benefits, since operations that traverse a string don't need to keep track of how many characters have been seen, and operations which modify the string's length do not need to update the stored length. Cache performance can also be better. Pascal is an imperative computer programming language, developed in 1970 by Niklaus Wirth as a language particularly suitable for structured programming. ...
Conversely, the advantage of storing the string's length is that it is always immediately available in constant time; a program using null-terminated strings must count every character in a string to find the string's length, which requires linear or O(n) time. Also, storing the length allows strings to contain null characters, which can simplify data processing by eliminating exceptions. In null-terminated strings, the first occurring null character is interpreted as the end of the string. Big O notation or Big Oh notation, and also Landau notation or asymptotic notation, is a mathematical notation used to describe the asymptotic behavior of functions. ...
However, the datatype used to store the length of a string is also important; if the length is stored as a byte, as in Pascal, strings may only be up to 255 characters long! Larger datatypes, on the other hand, take up more space than a null character (a 16-bit number occupies two bytes, and a 32-bit number takes four). In the 1970s, when C was designed, space considerations were much more important than they are at present, which greatly influenced the choice for null-terminated strings. In computer science, a datatype or data type (often simply a type) is a name or label for a set of values and some operations which one can perform on that set of values. ...
The 1970s decade refers to the years from 1970 to 1979. ...
- A byte with all bits set to 0, called the null character, shall exist in the basic execution character set; it is used to terminate a character string literal.
- - ANSI/ISO 9899:1990 (the ANSI C standard), section 5.2.1
- A string is a contiguous sequence of characters terminated by and including the first null character.
- - ANSI/ISO 9899:1990 (the ANSI C standard), section 7.1.1
- A null-terminated byte string, or NTBS, is a character sequence whose highest-addressed element with defined content has the value zero (the terminating null character).
- - ISO/IEC 14882 (the ISO C++ standard), section 17.3.2.1.3.1
Security exploit: Poison NULL byte
`Poison NULL byte` was originally used by Olaf Kirch in a Bugtraq post in the October 1998. It was further explored by Rain Forest Puppy in Phrack Issue 55, article 7. Bugtraq is a full disclosure mailing list dedicated to issues about computer security. ...
Phrack is an underground ezine made by and for hackers that has been around since November 17, 1985. ...
`Poison NULL byte` exploits the (unexpected) behaviour of many programming interfaces, which often terminates string handling upon the NUL character. Some examples of Poison NULL byte usages includes:
- Terminating a file name string, such as removing a mandatory file extension.
- Terminating/commenting a SQL statement when executing code dynamically, such as Oracle EXECUTE IMMEDIATE.
Typically, `Poison NULL byte` is exploited along with another type of exploit such as Directory traversal or SQL Injection; Poison NULL byte is often used to simplify or enhance other attacks. In the realm of computer security, there is a common attack known as directory traversal. ...
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. ...
See also |
Feeds |
Contact