I've read a few articles like this one about a license plate value of NULL (about Droogie from DEF CON 27), including part of chapter three Little Data in the book Humble Pi by Matt Parker (talking about Steve Null), where storing a string value of "NULL" in a database matches NULL values.
With databases I've used (at least AFAIK), "NULL" isn't the same as a NULL value. The state of a field being NULL is stored separately from the value.
So SQL like
SELECT bar
FROM foo
WHERE foobar IS NULL;
would be different than
SELECT bar
FROM foo
WHERE foobar = 'NULL';
When I first heard these stories I thought they must be urban legends, but after seeing a few more it made me wonder if I was missing something? Is it a matter of some databases that don't distinguish "NULL" from is NULL (if so, which ones, any current ones)? Or is it a matter of whoever built the database application storing "NULL" as a string for NULL values or some other poor design?
Further reading:
- BBC on Jennifer Null
- Mashable on Droogie's DEF CON Talk
- Matt Parker on Steve Null
- Passing NULL as a surname in SOAP
- Droogie's Go NULL Yourself talk from Def Con 27
- Droogie finally got his plate renewed
To summarize my question:
- Do some databases mishandle NULL vs. "NULL" ?
- Is that only historical databases, or are there current databases that do the same?
- Is there a logical reason to have "NULL" equal IS NULL from architecture POV?
- Or are all of these an example of an application design failure?
- How can you mess it up that bad?
I'd really love to see an example of some SQL that confuses NULL and 'NULL'.