|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #65636 Stream path cannot contail null char (chr(0))
Submitted: 2013-09-08 23:02 UTC Modified: 2015-09-09 14:20 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: bilge at scriptfusion dot com Assigned: cmb (profile)
Status: Not a bug Package: Streams related
PHP Version: 5.5.3 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
48 - 38 = ?
Subscribe to this entry?

 [2013-09-08 23:02 UTC] bilge at scriptfusion dot com
Stream path can contain any character, whether URL encoded or not, except for the null character. Including a null character in the path raises the following error:

file_get_contents() expects parameter 1 to be a valid path, string given

Both the use case and test suite to support the claims above can be found at

The use case is a custom stream wrapper that takes the path and converts it into a read-only data stream. The current workaround is to urlencode any path that contains nulls. However, this approach provides little benefit over the data wrapper. Being able to include nulls directly in the path would eliminate unnecessary url encoding and decoding in the custom wrapper implementation.

Test script:



Expected result:
No error.

Actual result:
file_get_contents() expects parameter 1 to be a valid path, string given


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2013-09-19 12:25 UTC] bixuehujin at gmail dot com
AFAIK, it is not possible to contain null character in a filename path, this is not because of PHP but the OS.

At the OS level, it seems no way to handle a file contains null characters.
 [2015-09-09 14:20 UTC]
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2015-09-09 14:20 UTC]
Disallowing null bytes in paths is not a bug, but a deliberate
design decision for security reasons. While PHP can handle strings
which contain null bytes well, most underlying C libraries can't,
because NUL is the customary string delimiter in C. To avoid any
troubles, PHP rejects null bytes in paths in the first place.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Jun 23 09:01:28 2024 UTC