https://github.com/openshift/enterprise-server/pull/283

commit f7a76546ce02297ba864a1df7bbb86c4aa1ab2fc
Commit:     Luke Meyer <lmeyer>
CommitDate: Thu May 29 11:59:50 2014 -0400

    gear env: prevent user-created envvars breaking things #cherrypick

    from origin-server:
    commit b6939d9f88ce34a9b8a7cef37481ea2740c3138d
    Author: Jhon Honce <jhonce>
    Date:   Mon May 5 15:54:19 2014 -0700

        Bug 1083197 - remove NULL's from environment variables

marking VERIFIED to appease errata-tool. will put back...

OK, still needs verification :)

Veirified on 2.1.z/2014-06-12.2
Steps to verify:

1. Create an app
2. Copy a file which contains special strings to .env/user_vars
# rhc app scp -a apptest upload TESTFILE .env/user_vars/
 uploading TESTFILE: 100% complete. 14/14 bytes transferred in 9.148694 seconds
3. SSH to the app to check
4. Make some changes in local repo and git push

Actual results:
3.# rhc ssh apptest
Connecting to 539a5323db26c8b7e9000009.com.cn ...

    *********************************************************************

    You are accessing a service that is for use only by authorized users.  
    If you do not have authorization, discontinue use at once. 
    Any use of the services is subject to the applicable terms of the 
    agreement which can be found at: 
    https://www.openshift.com/legal

    *********************************************************************

    Welcome to OpenShift shell

    This shell will assist you in managing OpenShift applications.

    !!! IMPORTANT !!! IMPORTANT !!! IMPORTANT !!!
    Shell access is quite powerful and it is possible for you to
    accidentally damage your application.  Proceed with care!
    If worse comes to worst, destroy your application with "rhc app delete"
    and recreate it
    !!! IMPORTANT !!! IMPORTANT !!! IMPORTANT !!!

    Type "help" for more info.


[apptest-dom13.ose21z-manual.com.cn 539a5323db26c8b7e9000009]\> ls .env/user_vars/
TESTFILE
4.no error appeas
]# git add .;git commit -am 'a';git push
[master c06b3f3] a
 Committer: yanpzhan <root.redhat.com>
....

 0 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 ne
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 296 bytes, done.
Total 2 (delta 0), reused 0 (delta 0)
remote: Stopping PHP 5.4 cartridge (Apache+mod_php)
remote: Waiting for stop to finish
remote: Waiting for stop to finish
remote: Waiting for stop to finish
remote: Building git ref 'master', commit c06b3f3
remote: Checking .openshift/pear.txt for PEAR dependency...
remote: Preparing build for deployment
remote: Deployment id is 5fa3063f
remote: Activating deployment
remote: Starting PHP 5.4 cartridge (Apache+mod_php)
remote: Application directory "/" selected as DocumentRoot
remote: -------------------------
remote: Git Post-Receive Result: success
remote: Activation status: success
remote: Deployment completed with status: success
To ssh://539a5323db26c8b7e9000009.com.cn/~/git/apptest.git/
   974c862..c06b3f3  master -> master

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0764.html