|
Naziv
|
Embedding NULL Bytes
|
|
Sažetak
|
An attacker embeds one or more null bytes in input to the target software. This attack relies on the usage of a null-valued byte as a string terminator in many environments. The goal is for certain components of the target software to stop processing the input when it encounters the null byte(s).
|
|
Preduvjeti
|
The program does not properly handle postfix NULL terminators
|
|
Rješenja
|
Properly handle the NULL characters supplied as part of user input prior to doing anything with the data.
|
