Extend the fix from commit v3.10.0-rc1~188^2 (ListFileLexer: fix
heap-buffer-overflow on malicious input, 2017-08-26) to apply to all
lexer token matches.  Replace all `.` with `[^\0\n]`.  Update all
`[^...]` match expressions to not match `\0`.

We cannot safely process null bytes in strings.

Fixes: #18124