Improper input validation

This article does not cite any sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Improper input validation" – news · newspapers · books · scholar · JSTOR (December 2009) (Learn how and when to remove this message)

The topic of this article may not meet Wikipedia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Improper input validation" – news · newspapers · books · scholar · JSTOR (March 2008) (Learn how and when to remove this message)

String exploits are security exploits involving handling of string data in computer software.

It is possible to cause String1 + User_Input_String + String2 to behave in unexpected ways by crafting unanticipated User_Input_String, such as having string2 ignored in processing.

In many environments, it is possible to truncate the string with clever input.

• PHP: %00 (NUL) can terminate strings, when used for API calls that uses it to terminate strings.
• Oracle: CHR(0) (NUL) can terminate strings when used for e.g. EXECUTE IMMEDIATE.

In many environments, it is possible to "ask" the system to ignore the rest of the string, using "comment" characters.

• Many languages: /* means ignore everything until a */ combination.
• SQL: -- means ignore rest of line
• Unix shells: # means ignore rest of line

• Format string attack - unchecked *printf format strings are dangerous
• Buffer overflow - Buffer overflows often occurs in unsafe string functions
• Cross-site scripting - unsafe output of input strings
• Directory traversal - concatenating strings to create a filename is not a good idea
• SQL injection - concatenating strings to create a SQL statement is not a good idea