[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] CHICKEN in production
|
From: |
Peter Bex |
|
Subject: |
Re: [Chicken-hackers] CHICKEN in production |
|
Date: |
Mon, 13 Oct 2014 14:39:29 +0200 |
|
User-agent: |
Mutt/1.4.2.3i |
On Mon, Oct 13, 2014 at 02:35:54PM +0200, Michele La Monaca wrote:
> I must confess I didn't read the entire thread. But, what exactly buys
> us barring NUL in strings other than limiting the usefulness of the
> type and its powerful API (while breaking a lot of things along the
> way)? Also, NUL is a valid UTF-8 character.
It is also a valid UTF-8 character. The issue at hand is protection
against injection of NUL characters which causes the string to be
implemented differently by C (which uses NUL as an in-band control
character to mark end of string). Only bad languages stupidly pass
on strings with embedded NUL characters straight to C.
I've written extensively about such bugs on my blog. See for example
http://www.more-magic.net/posts/lessons-learned-from-nul-byte-bugs.html
Cheers,
Peter
--
http://www.more-magic.net
- Re: [Chicken-hackers] CHICKEN in production, (continued)
- Re: [Chicken-hackers] CHICKEN in production, Jörg F. Wittenberger, 2014/10/08
- Re: [Chicken-hackers] CHICKEN in production, Peter Bex, 2014/10/08
- Re: [Chicken-hackers] CHICKEN in production, Jörg F. Wittenberger, 2014/10/08
- Re: [Chicken-hackers] CHICKEN in production, John Cowan, 2014/10/08
- Re: [Chicken-hackers] CHICKEN in production, Jörg F. Wittenberger, 2014/10/10
- Re: [Chicken-hackers] CHICKEN in production, Christian Kellermann, 2014/10/10
- Re: [Chicken-hackers] CHICKEN in production, Jörg F. Wittenberger, 2014/10/10
- Re: [Chicken-hackers] CHICKEN in production, Christian Kellermann, 2014/10/10
- Re: [Chicken-hackers] CHICKEN in production, Jörg F. Wittenberger, 2014/10/10
- Re: [Chicken-hackers] CHICKEN in production, Michele La Monaca, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production,
Peter Bex <=
- Re: [Chicken-hackers] CHICKEN in production, Michele La Monaca, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, Peter Bex, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, John Cowan, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, Michele La Monaca, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, Aleksej Saushev, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, John Cowan, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, Aleksej Saushev, 2014/10/14
- Re: [Chicken-hackers] CHICKEN in production, Florian Zumbiehl, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, John Cowan, 2014/10/13
- Re: [Chicken-hackers] CHICKEN in production, Florian Zumbiehl, 2014/10/13