When getting a parameter map where the last parameter ends with %.

F.x. https://jboss.org?%

You ends up with a StringIndexOutOfBoundsException like below:

2019-05-31 05:55:30,582 ERROR [default task-91] [request] UT005023: Exception handling request to /admin/login.do: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.charAt(String.java:658)
at io.undertow.util.URLUtils.decode(URLUtils.java:133)
at io.undertow.util.URLUtils.decode(URLUtils.java:78)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.doParse(FormEncodedDataDefinition.java:186)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.parseBlocking(FormEncodedDataDefinition.java:252)
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:833)
at io.undertow.servlet.spec.HttpServletRequestImpl.getParameterMap(HttpServletRequestImpl.java:786)

It appears to be these line that does not validate that there are 1/2 characters after the current:

....
while ((i < numChars)) {
if (c == '%') {
char p1 = Character.toLowerCase(s.charAt(i + 1));
....
char p2 = Character.toLowerCase(s.charAt(i + 2));