The null character (also null terminator) is a character with the value zero, present in the ASCII and Unicode character sets, and available in nearly all mainstream programming languages. For other uses see Character. In Computer and machine-based Telecommunications terminology a character is a unit of American Standard Code for Information Interchange ( ASCII) In Computing, Unicode is an Industry standard allowing Computers to consistently represent and manipulate text expressed in most of the world's A programming language is an Artificial language that can be used to write programs which control the behavior of a machine particularly a Computer. The original meaning of this character was like NOP — when sent to a printer or a terminal, it does nothing (some terminals, however, incorrectly display it as space). In Computer science NOP or NOOP (short for N o OP eration) is an Assembly language instruction sequence of programming A computer terminal is an electronic or electromechanical hardware device that is used for entering data into and displaying data from a Computer or a Computing In writing a space () is a blank area that is devoid of content which separates words letters numbers and punctuation On punched tapes, this character is represented with no holes at all, so a new unpunched tape is initially filled with null characters. Punched tape or paper tape is a largely obsolete form of Data storage, consisting of a long strip of paper in which holes are punched to store data

On many computer and data terminal keyboards, it was possible to type a null character by holding down the Control key and pressing "@" (which usually required also holding Shift and pressing another key such as "2" or "P"). Consequently, in some contexts, the null character is represented visually as "^@". In other contexts, it is represented as a subscript, single-em-width "NUL". An em is a unit of measurement in the field of Typography, equal to the point size of the current Font. In Unicode, there is a character for visual representation of null character, "symbol for null", U+2400 (␀) — not to be confused with the actual null character, U+0000. In Computing, Unicode is an Industry standard allowing Computers to consistently represent and manipulate text expressed in most of the world's

Use as string terminator

The character has special significance in C and its derivatives, where it serves as a reserved character used to signify the end of strings. tags please moot on the talk page first! --> In Computing, C is a general-purpose cross-platform block structured In Computer programming and some branches of Mathematics, a string is an ordered Sequence of Symbols. The null character is often represented as the escape sequence '\0' in source code. This article refers to codes used as commands for computing devices In Computer science, source code (commonly just source or code) is any sequence of statements or declarations written in some Human-readable Strings ending in a null character are said to be null-terminated.

This differs from certain other languages (such as Pascal) which traditionally store a string as an array preceded by a string length. Pascal is an influential imperative and procedural Programming language, designed in 1968/9 and published in 1970 by Niklaus Wirth as a small The main advantage of using a null character is that strings can be of any length, and only one character of additional storage is required. Null-terminated strings can also have efficiency benefits, since operations that traverse a string don't need to keep track of how many characters have been seen, and operations which modify the string's length do not need to update the stored length. Cache performance can also be better.

Conversely, the advantage of storing the string's length is that it is always immediately available in constant time; a program using null-terminated strings must count every character in a string to find the string's length, which requires linear or O(n) time. In mathematics big O notation (so called because it uses the symbol O) describes the limiting behavior of a function for very small or very large arguments Also, storing the length allows strings to contain null characters, which can simplify data processing by eliminating exceptions. In null-terminated strings, the first occurring null character is interpreted as the end of the string.

However, the datatype used to store the length of a string is also important. A data type in Programming languages is an attribute of a datum which tells the computer (and the programmer something about the kind of datum it is If the length is stored as a byte, as in some early implementations of Pascal, strings are limited to a maximum of 255 characters. A byte (pronounced "bite" baɪt is the basic unit of measurement of information storage in Computer science. On the other hand, the use of a larger datatype will increase the overhead beyond that of a null-terminated string. In Computer science, overhead is generally considered any combination of excess or indirect computation time memory bandwidth or other resources that are required to be utilized In the 1970s, when C was designed, space considerations were much more important than they are at present, which greatly influenced the choice for null-terminated strings. This article is about the Decade 1970-1979 For the Year 1970 see 1970.

A byte with all bits set to 0, called the null character, shall exist in the basic execution character set; it is used to terminate a character string literal.

- ANSI/ISO 9899:1990 (the ANSI C standard), section 5. 2. 1

A string is a contiguous sequence of characters terminated by and including the first null character.

- ANSI/ISO 9899:1990 (the ANSI C standard), section 7. 1. 1

A null-terminated byte string, or NTBS, is a character sequence whose highest-addressed element with defined content has the value zero (the terminating null character).

- ISO/IEC 14882 (the ISO C++ standard), section 17. 3. 2. 1. 3. 1

Security exploit: Poison NULL byte

`Poison NULL byte` was originally used by Olaf Kirch in a Bugtraq post in the October 1998. Bugtraq is an Electronic mailing list dedicated to issues about Computer security. It was further explored by Rain Forest Puppy in Phrack Issue 55, article 7. Phrack is an Underground ezine written by and for hackers first published November 17, 1985.

The poison null byte exploit takes advantage of how strings with a known length can contain null bytes and what happens when that string is converted for use with an API that does use null terminated strings. The end result is that by carefully placing a NULL byte in the string, the attacker is able to force the string to end at that point, even after the application have appended more characters to the string, like for example, a file extension. Some examples of Poison NULL byte usages includes:

• Terminating a file name string, such as removing a mandatory file extension.
• Terminating/commenting a SQL statement when executing code dynamically, such as Oracle EXECUTE IMMEDIATE.

Typically, `Poison NULL byte` is exploited along with another type of exploit such as Directory traversal or SQL Injection; Poison NULL byte is often used to simplify or enhance other attacks. A directory traversal (or path traversal) is to exploit insufficient security validation / sanitization of user-supplied input file names so that characters representing SQL injection is a technique that exploits a Security vulnerability occurring in the Database layer of an application.

See also

• Control characters

In Computing and Telecommunication, a control character or non-printing character is a Code point (a Number) in a

---

© 2009 citizendia.org; parts available under the terms of GNU Free Documentation License, from http://en.wikipedia.org
Dapyx Software network: MP3 Explorer | Ebook Manager | Zenithic