Handle null byte searches

Some vulnerability scanners try to find security issues in all webforms
and submit invalid null byte into the search from. This is cleaned out
by django and leads to 'q' not being set which gives a 500 error. Check
if the 'q' key exists in the cleaned_data if not return an empty list.

Signed-off-by: Jelle van der Waa <[email protected]>

Author: jelly

packages/views/search.py

@@ -59,6 +59,8 @@ def exact_matches(self):
         # only do exact match search if 'q' is sole parameter
         if self.changed_data != ['q']:
             return []
+        if 'q' not in self.cleaned_data:
+            return []
         return Package.objects.normal().filter(pkgname=self.cleaned_data['q'])