#4422 - An ArgumentError - string contains null byte
I thought we had already handled this error and were removing/stripping null bytes "globally".
An ArgumentError occurred in help#faq:
string contains null byte
app/controllers/help_controller.rb:36:in `find_category'
-------------------------------
Request:
-------------------------------
* URL : https://www.bikelink.org/help/faq?category=../../../../../etc/passwd%00
* HTTP Method: GET
* IP address : 155.2.190.139
* Parameters : {"category"=>"../../../../../etc/passwd\u0000", "controller"=>"help", "action"=>"faq"}
* Timestamp : 2026-03-20 05:08:04 UTC
* Server : www-9.internal.bikelink.org
* Rails root : /var/www/bikelink
* Process: 2449727
-------------------------------
Session:
-------------------------------
* session id: [FILTERED]
* data: {}
-------------------------------
Environment:
-------------------------------
* GATEWAY_INTERFACE : CGI/1.2
* HTTP_ACCEPT : */*
* HTTP_ACCEPT_ENCODING : gzip, br
* HTTP_CONNECTION : close
* HTTP_HOST : www.bikelink.org
* HTTP_VERSION : HTTP/1.0
* HTTP_X_AMZN_TRACE_ID : Root=1-69bcd634-5dd24d2c337902615f3817c8
* HTTP_X_FORWARDED_FOR : 155.2.190.139, 155.2.190.139
* HTTP_X_FORWARDED_PORT : 443
* HTTP_X_FORWARDED_PROTO : https
* ORIGINAL_FULLPATH : /help/faq?category=../../../../../etc/passwd%00
* ORIGINAL_SCRIPT_NAME :
* PATH_INFO : /help/faq
* QUERY_STRING : category=../../../../../etc/passwd%00
* REMOTE_ADDR : 127.0.0.1
* REQUEST_METHOD : GET
* REQUEST_PATH : /help/faq
* REQUEST_URI : /help/faq?category=../../../../../etc/passwd%00
* ROUTES_13720_SCRIPT_NAME :
* SCRIPT_NAME :
* SERVER_NAME : www.bikelink.org
* SERVER_PORT : 443
* SERVER_PROTOCOL : HTTP/1.0
* SERVER_SOFTWARE : puma 6.6.0 Return to Forever
* action_controller.instance : #<HelpController:0x000070e37d461a50>
* action_dispatch.authenticated_encrypted_cookie_salt : [FILTERED]
* action_dispatch.backtrace_cleaner : #<Rails::BacktraceCleaner:0x000070e3932d7d18>
* action_dispatch.content_security_policy :
* action_dispatch.content_security_policy_nonce_directives:
* action_dispatch.content_security_policy_nonce_generator :
* action_dispatch.content_security_policy_report_only : false
* action_dispatch.cookies : #<ActionDispatch::Cookies::CookieJar:0x000070e3912fc778>
* action_dispatch.cookies_digest :
* action_dispatch.cookies_rotations : #<ActiveSupport::Messages::RotationConfiguration:0x000070e393ca5430>
* action_dispatch.cookies_same_site_protection : #<Proc:0x000070e380622a58 /var/www/bikelink/vendor/bundle/ruby/3.3.0/gems/railties-7.2.2.1/lib/rails/application.rb:641>
* action_dispatch.cookies_serializer : json
* action_dispatch.debug_exception_log_level : 3
* action_dispatch.encrypted_cookie_cipher : [FILTERED]
* action_dispatch.encrypted_cookie_salt : [FILTERED]
* action_dispatch.encrypted_signed_cookie_salt : [FILTERED]
* action_dispatch.http_auth_salt : [FILTERED]
* action_dispatch.key_generator : #<ActiveSupport::CachingKeyGenerator:0x000070e383f67610>
* action_dispatch.log_rescued_responses : true
* action_dispatch.logger : #<ActiveSupport::BroadcastLogger:0x000070e39177ca50>
* action_dispatch.parameter_filter : [/(?i:confirm_password)|(?i:credit_card_number)|(?i:password)|(?i:passw)|(?i:secret)|(?i:token)|(?i:_key)|(?i:crypt)|(?i:salt)|(?i:certificate)|(?i:otp)|(?i:ssn)/, /(?i:person\.otp_secret)|(?i:encrypted_rich_text\.body)/]
* action_dispatch.permissions_policy :
* action_dispatch.redirect_filter : []
* action_dispatch.remote_ip : 155.2.190.139
* action_dispatch.request.accepts : [#<Mime::Type:0x000070e3912eee20 @synonyms=[], @symbol=nil, @string="*/*", @hash=-1189987504418898732>]
* action_dispatch.request.content_type :
* action_dispatch.request.formats : [#<Mime::Type:0x000070e3912eee20 @synonyms=[], @symbol=nil, @string="*/*", @hash=-1189987504418898732>]
* action_dispatch.request.parameters : {"category"=>"../../../../../etc/passwd\u0000", "controller"=>"help", "action"=>"faq"}
* action_dispatch.request.path_parameters : {:controller=>"help", :action=>"faq"}
* action_dispatch.request.query_parameters : {"category"=>"../../../../../etc/passwd\u0000"}
* action_dispatch.request.request_parameters : {}
* action_dispatch.request.unsigned_session_cookie : {}
* action_dispatch.request_id : f79ded93-18f9-4d38-9f7b-2a718b1da5df
* action_dispatch.route_uri_pattern : /help/faq(.:format)
* action_dispatch.routes : #<ActionDispatch::Routing::RouteSet:0x000070e38bfa67e0>
* action_dispatch.secret_key_base : [FILTERED]
* action_dispatch.show_detailed_exceptions : false
* action_dispatch.show_exceptions : all
* action_dispatch.signed_cookie_digest :
* action_dispatch.signed_cookie_salt : [FILTERED]
* action_dispatch.use_authenticated_cookie_encryption : [FILTERED]
* action_dispatch.use_cookies_with_metadata : true
* newrelic.transaction_started : true
* puma.config : #<Puma::Configuration:0x000070e39472c638>
* puma.request_body_wait : 0.0038127899169921875
* puma.socket : #<UNIXSocket:0x000070e37e418930>
* rack.after_reply : []
* rack.errors : #<IO:0x000070e3b0489090>
* rack.hijack : #<Puma::Client:0x000070e37d464390>
* rack.hijack? : true
* rack.input : #<Puma::NullIO:0x000070e3948cd0f0>
* rack.multiprocess : true
* rack.multithread : true
* rack.request.cookie_hash : {}
* rack.request.form_hash : {}
* rack.request.form_input : #<Puma::NullIO:0x000070e3948cd0f0>
* rack.request.query_hash : {"category"=>"../../../../../etc/passwd\u0000"}
* rack.request.query_string : category=../../../../../etc/passwd%00
* rack.run_once : false
* rack.session : #<ActionDispatch::Request::Session:0x000070e3912efa00>
* rack.session.options : #<ActionDispatch::Request::Session::Options:0x000070e37e447000>
* rack.tempfiles : []
* rack.url_scheme : https
* rack.version : [1, 6]
* rails.rack_logger_tag_count : 1
* warden : Warden::Proxy:9972840 @config={:default_scope=>:person, :scope_defaults=>{}, :default_strategies=>{:person=>[:two_factor_authenticatable, :two_factor_authenticatable, :rememberable]}, :intercept_401=>false, :failure_app=>#<Devise::Delegator:0x000070e37dfc8588>}
-------------------------------
Backtrace:
-------------------------------
app/controllers/help_controller.rb:36:in `find_category'
app/controllers/application_controller.rb:45:in `process_action'
We've got a bunch of these; more examples:
/help/faq?category=..\etc\passwd%00
/help/faq?category=..\..\..\etc\passwd%00
/help/faq?category=../../../../etc/passwd%00
/help/faq?category=../etc/passwd%00
/help/faq?category=../../etc/passwd%00
/help/faq?category=/etc/passwd%00
/help/faq?category=..//..//..//..//etc//passwd%00
