Like its human equivalent, "uh-huh," the null character
lets the sending computer know that the receiving computer is still connected and receiving the data.
This is accomplished by discarding characters up to the next occurrence of a letter, then gathering up the letters into the argument buffer:

    #include <stdio.h>

    int getword(char *buf, int size)
    {
        char *p;
        int c;

        p = buf;
        while ((c = getchar()) != EOF)
            if (isletter(c)) {
                do {
                    if (size > 1) {  /* keep one byte free for the terminator */
                        *p++ = c;
                        size--;
                    }
                    c = getchar();
                } while (isletter(c));
                *p = '\0';
                return p - buf;
            }
        return EOF;
    }

size is compared with 1 to ensure that there is room for the terminating null character. isletter is a macro that tests for upper- or lowercase letters:

    #define isletter(c) (((c) >= 'a' && (c) <= 'z') || ((c) >= 'A' && (c) <= 'Z'))
By preceding the client login message with NULL characters,
an attacker can avoid MS-SQL's built-in audit tools.