问题描述
我正在玩以及其中传入的参数之一我的方法是\0
。
这是什么意思?我的猜测是基于我的方法的内容的空字符串()。但是,如果它是一样的,那么为什么不使用
而不是
\0
? p>
任何人都知道是什么?
'\0' 。它用于终止C和C ++的一些部分的字符串。 Pex正在进行测试,以了解您的代码如何处理空字符,可能会查找安全漏洞。
大多数C#代码没有什么可怕的;但是,如果您将字符串传递给非托管代码,则可能会出现问题。
编辑:
只是为了明确... Pex正在传递包含空字符的字符串。这不是空引用。
I am playing with Pex and one of the parameters it passes into my method is "\0"
.
What does that mean? My guess is an empty string (""
) based on the content of my method. However, if it is the same then why not just use ""
instead of "\0"
?
Anyone know what it is?
'\0' is a "null character". It's used to terminate strings in C and some portions of C++. Pex is doing a test to see how your code handles the null character, likely looking for the Poison Null Byte security exploit.
Most C# code has nothing to fear; if you pass your string to unmanaged code, however, you may have problems.
Edit:
Just to be explicit... Pex is passing a string containing a null character. This is not a null reference.
这篇关于C# - “\0”是什么等于的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!