|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #65636 Stream path cannot contail null char (chr(0))
Submitted: 2013-09-08 23:02 UTC Modified: 2015-09-09 14:20 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: bilge at scriptfusion dot com Assigned: cmb (profile)
Status: Not a bug Package: Streams related
PHP Version: 5.5.3 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: bilge at scriptfusion dot com
New email:
PHP Version: OS:


 [2013-09-08 23:02 UTC] bilge at scriptfusion dot com
Stream path can contain any character, whether URL encoded or not, except for the null character. Including a null character in the path raises the following error:

file_get_contents() expects parameter 1 to be a valid path, string given

Both the use case and test suite to support the claims above can be found at

The use case is a custom stream wrapper that takes the path and converts it into a read-only data stream. The current workaround is to urlencode any path that contains nulls. However, this approach provides little benefit over the data wrapper. Being able to include nulls directly in the path would eliminate unnecessary url encoding and decoding in the custom wrapper implementation.

Test script:



Expected result:
No error.

Actual result:
file_get_contents() expects parameter 1 to be a valid path, string given


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2013-09-19 12:25 UTC] bixuehujin at gmail dot com
AFAIK, it is not possible to contain null character in a filename path, this is not because of PHP but the OS.

At the OS level, it seems no way to handle a file contains null characters.
 [2015-09-09 14:20 UTC]
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2015-09-09 14:20 UTC]
Disallowing null bytes in paths is not a bug, but a deliberate
design decision for security reasons. While PHP can handle strings
which contain null bytes well, most underlying C libraries can't,
because NUL is the customary string delimiter in C. To avoid any
troubles, PHP rejects null bytes in paths in the first place.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Thu Nov 30 04:01:25 2023 UTC