diff --git a/lib/datatypes.js b/lib/datatypes.js
index 80d79107..f212f770 100644
--- a/lib/datatypes.js
+++ b/lib/datatypes.js
@@ -62,6 +62,7 @@ _escape = function (s, type) {
     // Scrub input for basic SQL injection protection
     case 'sql':
       ret = s.replace(/'/g, "''");
+      ret = ret.replace('\u0000', ' ');
       break;
     // Backslash-esc single quotes for use in M/R JS sourcecode str
     case 'js':
diff --git a/test/integration/adapters/shared.js b/test/integration/adapters/shared.js
index 11f5229b..f003c25b 100644
--- a/test/integration/adapters/shared.js
+++ b/test/integration/adapters/shared.js
@@ -1230,6 +1230,15 @@ tests = {
     });
   });
 }
+
+, 'test escaping null characters': function (next) {
+    var person = model.Person.create({title: 'test \u0000!'});
+    person.save(function (err, data) {
+      if (err) { throw err; }
+      next();
+    });
+  }
+
 };
 
 module.exports = tests;