FIX: Prevent null-byte searches causing 500 error (#8226)

This fix ensures that searches that contain a null byte return a 400
error instead of causing a 500 error.

For some reason from rspec we will reach the raise statement inside
of the `rescue_from ArgumentError` block, but outside of rspec it will
not execute the raise statement and so a 500 is thrown instead of
reaching the `rescue_from Discourse::InvalidParameters` block inside of
the application controller.

This fix raises Discourse::InvalidParameters directly from the search
controller instead of relying on `PG::Connection.escape_string` to
raise the `ArgumentError`.

app/controllers/search_controller.rb

@@ -24,6 +24,10 @@ class SearchController < ApplicationController
       raise Discourse::InvalidParameters.new(:q)
     end
 
+    if @search_term.present? && @search_term.include?("\u0000")
+      raise Discourse::InvalidParameters.new("string contains null byte")
+    end
+
     search_args = {
       type_filter: 'topic',
       guardian: guardian,
@@ -68,6 +72,10 @@ class SearchController < ApplicationController
   def query
     params.require(:term)
 
+    if params[:term].include?("\u0000")
+      raise Discourse::InvalidParameters.new("string contains null byte")
+    end
+
     search_args = { guardian: guardian }
 
     search_args[:type_filter] = params[:type_filter]                 if params[:type_filter].present?