in reply to Re^5: Why do poisoned null attacks still work ?
in thread Why do poisoned null attacks still work ?

They're not always. While places that omit the trailing NUL tend to get fixed, it's also considered a bug to expect it to be present from what I've seen.
  • Comment on Re^6: Why do poisoned null attacks still work ?

Replies are listed 'Best First'.
Re^7: Why do poisoned null attacks still work ?
by Anonymous Monk on Jul 23, 2009 at 00:45 UTC
    How do you mean?
[reply]

      Unlike C, the end of a Perl string is determined by a field outside of the string's payload. This allows Perl strings to contain any characters, including NUL.

      As protection against XS authors who treat the string payload as a C string, Perl strings usually have an extra byte allocated, set to NUL. As I understand it, this is a courtesy, not a guarantee.

[reply]
        AFAIK Perl itself is completely safe in this regard, but from XS you can (and in some cases would want to) create scalars that don't comply (for instance, pointing into some larger block of allocated memory).
        --
        Online Fortune Cookie Search
        Office Space merchandise
[reply]

In Section Seekers of Perl Wisdom