1

Why I shouldn't add a null character to the end of a non null-terminated string like in this answer? I mean if I have a non null-terminated string and add null character to the end of the string, I now have a null-terminated string which should be good, right? Is there any security problem I don't see?

Here's the code in case the answer gets deleted:

char letters[SIZE + 1];  // Leave room for the null-terminator.

// ...
// Populate letters[].
// ...

letters[SIZE] = '\0';  // Null-terminate the array.
Community
  • 1
  • 1
Kostrahb
  • 709
  • 1
  • 9
  • 21
  • 1
    There is no such thing as a "not null-terminated string" in C. C strings are, like, C strings *because* they are terminated with a zero. You may want to [edit] your question and use some phrase such as "a random sequence of characters (excluding binary zero)". – Jongware Mar 13 '16 at 13:17
  • I don't see any problem with adding a NUL to turn an array of chars into a C 'string type'. I've not encountered any either. – Martin James Mar 13 '16 at 13:20
  • So why did the answer recieved negative reputation? – Kostrahb Mar 13 '16 at 13:21
  • @Kostrahb I don't know. Possibly because you seem to think it may be a bad idea but don't explain why? – Martin James Mar 13 '16 at 13:23
  • @Martin James The answer in link, not this question – Kostrahb Mar 13 '16 at 13:25
  • 1
    I guess the down votes for the answer had to do with the fact that if you populated less than SIZE number of characters then you would in essence be leaving garbage between the last real character and the null. Code should have said something like letters[numChars] = '\0'; – JJF Mar 13 '16 at 13:26
  • It's anyway unavoidable in some circumstances. If some API part-fills a buffer and returns a count instead of adding a null-terminator, (eg. becasue it can transfer binary data with embedded nulls), and you are sure it's text, you can use the count to add the terminator. – Martin James Mar 13 '16 at 13:26
  • If you have an array of more than N characters and you know that N or less of those are meaningful, you can set `array[N]` to 0. There is no harm in this. The problem with the downvoted answer is that it doesn't answer the posed question. OP has no space for the null terminator and no possibility to add it, so the answer is not very useful. – n. m. could be an AI Mar 13 '16 at 14:17

5 Answers5

2

to know the end of the string you must have a null terminated string, otherwise there is no way to know the end of the string

andre_lamothe
  • 2,171
  • 2
  • 41
  • 74
  • Of course if you don't know the length but in the question in the link the length is apparently known. – Kostrahb Mar 13 '16 at 13:15
1

There is nothing technically wrong in terminating the string with \0 this way. However, the approaches you can use to populate the array before adding \0 are prone to error. Take a look in some situations:

  1. Suppose you decide to populate letters char by char. What happens if you forget to add some letters? What if you add more letters than the expected size?

  2. What if there are thousands of letters to populate the array?

  3. What if you need to populate letters with Unicode characters that (often) require more than one byte per symbol?

Of course you can address these situations very carefully but they still will be prone to error when maintaining the code.

Arton Dorneles
  • 1,629
  • 14
  • 18
1

To be clear: a string in C always has one and only one null character - it is the last character of the string. A string is an array of characters. If an array of characters does not have a null character, it is not a string.

A string is a contiguous sequence of characters terminated by and including the first null character. C11dr 7.1.1 1

There is nothing wrong with adding a null character to an array of characters as OP coded.

This is a fine way to form a a string if:

  1. All the preceding characters are defined.

  2. String functions are not call until after a null character is written.

chux - Reinstate Monica
  • 143,097
  • 13
  • 135
  • 256
0

In general, there are two ways of keeping track of an array of some variable number of things:

  1. Use a terminator. Of course, this is the C approach to representing strings: an array of characters of some unknown size, with the actual string length given by a null terminator.
  2. Use an explicit count stored somewhere else. (As it happens, this is how Pascal traditionally represents strings.)

If you have an array containing a known but not null-terminated sequence of characters, and if you want to turn it into a proper null-terminated string, and if you know that the underlying array is allocated big enough to contain the null terminator, then yes, explicitly setting array[N] to '\0' is not only acceptable, it is the way to do it.

Bottom line: it's a fine technique (if the constraints are met). I don't know why that earlier answer was criticized and downvoted.

Steve Summit
  • 45,437
  • 7
  • 70
  • 103
0

You shouldn't use it, to avoid errors (or security holes) due mixing C/Pascal strings.

  • C style string: An array of char, terminated by NULL ('\0')
  • Pascal style string: a kind of structure, with a int with the size of the string, and an array with the string itself.

The Pascal style don't use in-band control, so it can use any char inside it, like NULL. C strings can't, as they use it as signaling control.

The problem is when you mix them, or assume one style when it's another. Or even try to convert between them.

Converting a C string to pascal would do no harm. But if you have a legit Pascal string with more then one NULL character, converting it to C style will cause problem, as it can't represent it.

A good example of this is the X.509 Null Char Exploit, where you could register a ssl certificate to:

www.mysimplesite.com\0www.bigbank.com

The X.509 certificate uses Pascal string, so this is valid. But when checking, the CA could use or assume C code or string style that just sees the first www.mysimplesite.com and signs the certificate. And some brosers parses this certificate as valid also for www.bigbank.com.

So, you CAN use it, but you SHOULD'NT, as it's risky to cause some bug or even a security breach.

More details and info: https://www.blackhat.com/presentations/bh-usa-09/MARLINSPIKE/BHUSA09-Marlinspike-DefeatSSL-SLIDES.pdf https://sites.google.com/site/cse825maninthemiddle/odds-and-ends/x-509-null-char-exploit

Allan Deamon
  • 418
  • 6
  • 18