ArgumentError (string contains null byte)

It’s an user-input… what am I supposed to do?

The code is pretty simple:

@post = post_params

If some users pass a null byte through the REST API (post_params), Rails produces a 500 Internal Server Error on save. This is what I see from logs:

ArgumentError (string contains null byte)

Why Rails doesn’t try to do something better? Like removing null bytes automatically or returning a 4xx error?

What is the correct solution to this 500 error?

1 Like

In the JSON standard (as defined by RFC 8259), null bytes (i.e., the byte with value 0x00) are not allowed within the JSON text.

This means that this is a Rails bug.

When a JSON request is decoded into params, the strings should not contain null bytes. If a string contain null bytes, that is an invalid JSON and an appropriate 4xx error should be returned to the client.

1 Like

I have opened an issue on GitHub: