Revision as of 22:46, 15 May 2007 edit Michael Hardy (talk \| contribs) Administrators 210,577 edits mNo edit summary ← Previous edit		Revision as of 12:46, 15 October 2007 edit undo Henke37 (talk \| contribs) 265 edits m wording Next edit →
Line 19: === String termination === In many environments, it is possible to truncate the string with clever input. * PHP: '''%00''' (NUL) can terminate strings, when used for API calls that uses it to terminate strings. * Oracle: '''CHR(0)''' (NUL) can terminate strings when used for e.g. EXECUTE IMMEDIATE.

Improper input validation: Difference between revisions