On Tue, 9 Nov 2004 Valdis.Kletnieks@xxxxxx wrote: > Ah, but what if the 2 trailing B's are replaced by 2 Unicode chars that > together take up 4 bytes? ;) Or we can realize that in Windows NT, XP, and above, all "characters" are two-byte-wide UNICODE characters, and that we're not seeing "[NULs] inserted between characters" but simply UNICODE characters with very low ordinals. It's probably worth pointing out that a large fraction of the 16-bit UNICODE space is taken up with Chinese, Japanese, and Korean characters. In fact, UNICODE codepoint 0x9090 happens to be the Chinese character for [li3], "winding" or "meandering". Chinese poetry shellcode, anybody? --Jeffrey
