Re^8: Why do poisoned null attacks still work ?

in reply to Re^7: Why do poisoned null attacks still work ?
in thread Why do poisoned null attacks still work ?

Unlike C, the end of a Perl string is determined by a field outside of the string's payload. This allows Perl strings to contain any characters, including NUL.

As protection against XS authors who treat the string payload as a C string, Perl strings usually have an extra byte allocated, set to NUL. As I understand it, this is a courtesy, not a guarantee.

Comment on Re^8: Why do poisoned null attacks still work ?

Replies are listed 'Best First'.
Re^9: Why do poisoned null attacks still work ? by ysth (Canon) on Jul 26, 2009 at 20:18 UTC
AFAIK Perl itself is completely safe in this regard, but from XS you can (and in some cases would want to) create scalars that don't comply (for instance, pointing into some larger block of allocated memory). -- Online Fortune Cookie Search Office Space merchandise	[reply]

In Section Seekers of Perl Wisdom