Bug #59848 libmysql can't authenticate users who have \0 in their password
Submitted: 31 Jan 2011 14:34 Modified: 10 Apr 2011 23:43
Reporter: Andrey Hristov
Status: No Feedback
Category: MySQL Server: C API (client library)
Severity: S3 (Non-critical)
Version: any
OS: Any
Assigned to:
CPU Architecture: Any

[31 Jan 2011 14:34] Andrey Hristov
Description:
I have a user root. I set a new password for him, which includes \0.
Then I try to connect with libmysql and it doesn't work. I try to connect with mysqlnd and it works (mysqlnd doesn't use strlen to determine the length of the password string, but uses the length of the string as it comes from PHP).

How to repeat:
mysql> update mysql.user set password=password("aa\0bb") where user='root';
Query OK, 4 rows affected (0.00 sec)
Rows matched: 4  Changed: 4  Warnings: 0

./php -r '$c=mysqli_connect("127.0.0.1","root","aa\0bb");var_dump($c->thread_id);'

Warning: mysqli_connect(): (28000/1045): Access denied for user 'root'@'localhost' (using password: YES) in Command line code on line 1
NULL

./php_mysqlnd -r '$c=mysqli_connect("127.0.0.1","root","aa\0bb");var_dump($c->thread_id);'
int(1377)

Suggested fix:
A direct fix will need a change in the API or a new real_real_connect().
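
The strlen() behaviour described in the report above, as an added C example (not code from the report, libmysql or mysqlnd). All function names are hypothetical, and digest() is an FNV-1a stand-in rather than MySQL's real password scramble; it only shows which bytes each kind of client would hash.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in digest (64-bit FNV-1a). This is NOT MySQL's password scramble;
 * it only makes visible which bytes the client actually fed into it. */
static uint64_t digest(const char *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= (unsigned char)p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Hypothetical C-string client: the API receives only a char *, so the
 * length must come from strlen() and stops at the first NUL byte. */
uint64_t token_cstring(const char *passwd) {
    return digest(passwd, strlen(passwd));
}

/* Hypothetical counted-string client: the caller supplies the length,
 * so embedded NUL bytes are hashed like any other byte. */
uint64_t token_counted(const char *passwd, size_t len) {
    return digest(passwd, len);
}

/* Number of password bytes a strlen()-based API would really use. */
size_t effective_length(const char *passwd, size_t len) {
    const char *nul = memchr(passwd, '\0', len);
    return nul ? (size_t)(nul - passwd) : len;
}

/* Provisioning-time check: 1 if the password passes through a C-string
 * API unchanged, 0 if it would be truncated at an embedded NUL. */
int survives_cstring_api(const char *passwd, size_t len) {
    return effective_length(passwd, len) == len;
}

int main(void) {
    static const char pw[] = "aa\0bb";   /* password from the report */
    size_t len = sizeof pw - 1;          /* 5 bytes, embedded NUL included */
    printf("bytes set: %zu, bytes a strlen() client sends: %zu\n",
           len, effective_length(pw, len));
    printf("counted token  %016llx\n", (unsigned long long)token_counted(pw, len));
    printf("cstring token  %016llx\n", (unsigned long long)token_cstring(pw));
    printf("token for aa   %016llx\n", (unsigned long long)token_counted("aa", 2));
    printf("safe for C-string API: %d\n", survives_cstring_api(pw, len));
    return 0;
}
```

The C-string token equals the token for the two-byte password "aa", so a check like survives_cstring_api() at account creation is one way to reject passwords that some clients cannot present intact.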
[31 Jan 2011 14:34] Andrey Hristov
I have performed flush privileges after the update.
[31 Jan 2011 20:54] Peter Laursen
I cannot either. After

CREATE USER 'null'@'%' IDENTIFIED BY 'ii\0ii'; -- executes successfully

.. I also cannot authenticate no matter if I provide the password as 'ii\0ii' or (escaped) as 'ii\\0ii' (or just 'ii0ii').

This is of course an 'edge case' - but at least the user should not be created if backslash cannot be used in passwords IMHO.
[10 Mar 2011 23:43] Sveta Smirnova
Thank you for the report.

Which server and mysqlnd do you use? I tried with the mysqlnd distribution from PHP 5.3.5 and still get an "access denied" error.
[11 Apr 2011 23:00] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".