Unicodes Gone Wild presented at AppSecCalifornia 2015

by Christien ( Dildog ) Rioux,

Summary : Despite solving an important problem for the internation community, for many years Unicode has been the bane of developers. Proper handling of Unicode characters has lead to numerous injection and filter bypass attacks, as well as buffer management problems. This talk will discuss the oddities of proper Unicode handling, as well as revealing some common problems with handling Unicode in various operating systems, applications, and frameworks.