Breaking Unicode applications

A compilation of techniques to break ‘rich’ applications by through some general rules:
1. Making assumptions about the encoding that has been handed to them
2. Converting byte streams to String objects (represented by the primitive character)
3. An application that ties its behavior to another application downstream that actually interprets the content!

Advertisements