id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
30064	"Admin search with a null character crashes with ""A string literal cannot contain NUL (0x00) characters."" on PostgreSQL"	kenichi-cc	Can Sarıgöl	"1. Input following URL to browser URL field and access.

http://localhost/admin/auth/user/?q=%00

2. Crash with following Error.

{{{
Environment:


Request Method: GET
Request URL: http://localhost/admin/auth/user/?q=%00

Django Version: 2.1.4
Python Version: 3.6.7
Installed Applications:
['django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django_extensions',
 'rest_framework',
 'select2',
 'corsheaders',
 .......]
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'corsheaders.middleware.CorsMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware']



Traceback:

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/core/handlers/exception.py"" in inner
  34.             response = get_response(request)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/core/handlers/base.py"" in _get_response
  126.                 response = self.process_exception_by_middleware(e, request)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/core/handlers/base.py"" in _get_response
  124.                 response = wrapped_callback(request, *callback_args, **callback_kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/options.py"" in wrapper
  604.                 return self.admin_site.admin_view(view)(*args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/utils/decorators.py"" in _wrapped_view
  142.                     response = view_func(request, *args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/views/decorators/cache.py"" in _wrapped_view_func
  44.         response = view_func(request, *args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/sites.py"" in inner
  223.             return view(request, *args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/utils/decorators.py"" in _wrapper
  45.         return bound_method(*args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/utils/decorators.py"" in _wrapped_view
  142.                     response = view_func(request, *args, **kwargs)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/options.py"" in changelist_view
  1675.             cl = self.get_changelist_instance(request)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/options.py"" in get_changelist_instance
  742.             sortable_by,

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/views/main.py"" in __init__
  81.         self.get_results(request)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/contrib/admin/views/main.py"" in get_results
  209.         result_count = paginator.count

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/utils/functional.py"" in __get__
  37.         res = instance.__dict__[self.name] = self.func(instance)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/core/paginator.py"" in count
  87.             return self.object_list.count()

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/models/query.py"" in count
  383.         return self.query.get_count(using=self.db)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/models/sql/query.py"" in get_count
  498.         number = obj.get_aggregation(using, ['__count'])['__count']

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/models/sql/query.py"" in get_aggregation
  483.         result = compiler.execute_sql(SINGLE)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/models/sql/compiler.py"" in execute_sql
  1065.             cursor.execute(sql, params)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/backends/utils.py"" in execute
  100.             return super().execute(sql, params)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/backends/utils.py"" in execute
  68.         return self._execute_with_wrappers(sql, params, many=False, executor=self._execute)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/backends/utils.py"" in _execute_with_wrappers
  77.         return executor(sql, params, many, context)

File ""/root/.pyenv/versions/3.6.7/envs/app/lib/python3.6/site-packages/django/db/backends/utils.py"" in _execute
  85.                 return self.cursor.execute(sql, params)

Exception Type: ValueError at /admin/auth/user/
Exception Value: A string literal cannot contain NUL (0x00) characters.

}}}
"	Bug	closed	contrib.admin	2.1	Normal	fixed			Ready for checkin	1	0	0	0	0	0