I am playing with Pex and one of the parameters it passes into my method is "\0"
.
What does that mean? My guess is an empty string (""
) based on the content of my method. However, if it is the same then why not just use ""
instead of "\0"
?
Anyone know what it is?
'\0' is a "null character". It's used to terminate strings in C and some portions of C++. Pex is doing a test to see how your code handles the null character, likely looking for the Poison Null Byte security exploit.
Most C# code has nothing to fear; if you pass your string to unmanaged code, however, you may have problems.
Edit:
Just to be explicit... Pex is passing a string containing a null character. This is not a null reference.
It's a string containing the character '\0'. C# doesn't treat this in any particularly special way - it's just unicode character U+0000. If you write:
int firstCodePoint = text[0];
then you'll find firstCodePoint
is 0.
It's a string with a null character. Older string libraries — like that used in C or older C++ libraries — used the '\0' character to indicate the end of the string.
Newer environments like .Net use a different system, but there is a lot of history around ending a string with '\0', such that it's a common point of error. Testing libraries like Pex will use it to make sure your program handles it correctly.
A string of length 1, containing the character \u0000 (aka NUL). This character is not treated specially.
In C, which uses \0 to terminate string, you also allocate a string of length 1. In this case the standard string functions will report a length of 0, since the string contains \0 as well as being terminated with it. You could safely modify str[0], or strncat a single character into it.
Escape Sequence
\0
Character Name
Null
Unicode Encoding
0x0000
来源:https://stackoverflow.com/questions/2292850/c-sharp-what-does-0-equate-to