From 1aaad64a6f67e17dc9eb544073b49c5993286232 Mon Sep 17 00:00:00 2001
From: Matt Westcott
Date: Tue, 3 Jul 2018 16:55:59 +0100
Subject: [PATCH] Reject null characters in redirect URLs
---
 wagtail/wagtailredirects/middleware.py | 3 +++
 wagtail/wagtailredirects/tests.py | 13 +++++++++++++
 2 files changed, 16 insertions(+)
diff --git a/wagtail/wagtailredirects/middleware.py b/wagtail/wagtailredirects/middleware.py
index 7e1376af0..d7d839a15 100644
--- a/wagtail/wagtailredirects/middleware.py
+++ b/wagtail/wagtailredirects/middleware.py
@@ -15,6 +15,9 @@ else:
 def _get_redirect(request, path):
+ if '\0' in path: # reject URLs with null characters, which crash on Postgres (#4496)
+ return None
+
 try:
 return models.Redirect.get_for_site(request.site).get(old_path=path)
 except models.Redirect.MultipleObjectsReturned:
diff --git a/wagtail/wagtailredirects/tests.py b/wagtail/wagtailredirects/tests.py
index e56620032..b0f61857f 100644
--- a/wagtail/wagtailredirects/tests.py
+++ b/wagtail/wagtailredirects/tests.py
@@ -273,6 +273,19 @@ class TestRedirects(TestCase):
 self.assertRedirects(response, '/redirectto', status_code=301, fetch_redirect_response=False)
+ def test_reject_null_characters(self):
+ response = self.client.get('/test%00test/')
+ self.assertEqual(response.status_code, 404)
+
+ response = self.client.get('/test\0test/')
+ self.assertEqual(response.status_code, 404)
+
+ response = self.client.get('/test/?foo=%00bar')
+ self.assertEqual(response.status_code, 404)
+
+ response = self.client.get('/test/?foo=\0bar')
+ self.assertEqual(response.status_code, 404)
+
 class TestRedirectsIndexView(TestCase, WagtailTestUtils):
 def setUp(self):
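Review bot: The reason for the new guard at the top of `_get_redirect` is carried only by a trailing comment, which makes for a long `if` line and leaves the return contract unstated. I would move it onto its own line above the check, e.g. `# Reject paths containing NUL: the lookup below crashes on Postgres (#4496), so report "no redirect" instead.` The check sees `path` exactly as the caller hands it over, so whether a percent-encoded `%00` is caught here depends on decoding done before the call, which this hunk does not show. The body of `_get_redirect` continues past the end of the hunk.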
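Review bot: All four assertions in `test_reject_null_characters` go through the test client and only check for a 404, so on a database backend that tolerates NUL in query parameters they would presumably pass even with the guard removed. The test then protects against the regression only when the suite runs on Postgres. A direct check pins the behaviour on every backend: `self.assertIsNone(_get_redirect(None, '/test\0test/'))`, with `_get_redirect` imported from the middleware module. Passing `None` as the request works because the guard returns before the request is touched. The enclosing `TestRedirects` class starts before this hunk.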