Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-1552

StringIndexOutOfBoundsException on decode parameters


    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Minor Minor
    • 2.0.22.Final
    • None
    • None

      When getting a parameter map where the last parameter ends with %.

      F.x. https://jboss.org?%

      You ends up with a StringIndexOutOfBoundsException like below:

      2019-05-31 05:55:30,582 ERROR [default task-91] [request] UT005023: Exception handling request to /admin/login.do: java.lang.StringIndexOutOfBoundsException: String index out of range: 3
      at java.lang.String.charAt(String.java:658)
      at io.undertow.util.URLUtils.decode(URLUtils.java:133)
      at io.undertow.util.URLUtils.decode(URLUtils.java:78)
      at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.doParse(FormEncodedDataDefinition.java:186)
      at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.parseBlocking(FormEncodedDataDefinition.java:252)
      at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:833)
      at io.undertow.servlet.spec.HttpServletRequestImpl.getParameterMap(HttpServletRequestImpl.java:786)

      It appears to be these line that does not validate that there are 1/2 characters after the current:

      while ((i < numChars)) {
      if (c == '%') {
      char p1 = Character.toLowerCase(s.charAt(i + 1));
      char p2 = Character.toLowerCase(s.charAt(i + 2));

            jaikiran Jaikiran Pai (Inactive)
            mihonecom Michael Hansen (Inactive)
            0 Vote for this issue
            3 Start watching this issue