diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 6a30686ee68..b6076636cfc 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -156,6 +156,14 @@ class ApplicationController < ActionController::Base
 end
 end
 
+ rescue_from ArgumentError do |e|
+ if e.message == "string contains null byte"
+ raise Discourse::InvalidParameters, e.message
+ else
+ raise e
+ end
+ end
+
 rescue_from Discourse::InvalidParameters do |e|
 message = I18n.t('invalid_params', message: e.message)
 if (request.format && request.format.json?) || request.xhr? || !request.get?
diff --git a/spec/requests/search_controller_spec.rb b/spec/requests/search_controller_spec.rb
index 84346d1b8d7..3f2446c5efc 100644
--- a/spec/requests/search_controller_spec.rb
+++ b/spec/requests/search_controller_spec.rb
@@ -16,6 +16,16 @@ describe SearchController do
 $redis.flushall
 end
 
+ it "returns a 400 error if you search for null bytes" do
+ term = "hello\0hello"
+ get "/search/query.json", params: {
+ term: term, include_blurb: true
+ }
+ expect(response.status).to eq(400)
+ end
+
 it "can search correctly" do
 my_post = Fabricate(:post, raw: 'this is my really awesome post')
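Review bot: The new `rescue_from ArgumentError` handler decides between a 400 and a re-raise by comparing `e.message` with the exact string `"string contains null byte"`, and that wording is an implementation detail of whichever layer raises it (Ruby core or a database driver), not a stable contract, so a change in wording or a different raising layer silently turns the 400 back into a 500. Consider a looser but still targeted match, `if e.message.include?("null byte")`, and add a comment above the handler stating where the null-byte ArgumentError is expected to originate so the next maintainer knows what the handler covers. Whether an exception raised inside a `rescue_from` block is re-dispatched to the `rescue_from Discourse::InvalidParameters` handler declared just below is a detail of ActiveSupport::Rescuable that this hunk does not show, so the end-to-end request spec in the second hunk is the right check and should stay. A more robust long-term fix is to reject null bytes in incoming parameters before they reach any lower layer, so the response code does not depend on exception text at all. The handler is complete within the hunk; the enclosing class body starts and ends outside it.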