From 36243965a04da0d06bd6ecb9f4a7895e90bf605d Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Tue, 7 Jul 2026 11:54:05 +0200 Subject: [PATCH] BUG/MINOR: http-conv: Make url-dec failed if no space for trailing null byte for url-dec converter, a trailing null byte is added at the end of the input sample because it is requested by url_decode() function. However, when the buffer was full, the last byte was crushed by the trailing null byte. In that case, the last character was lost and not decoded. Now, the converter just fails by returning 0. This patch could be backported to all supported versions but it is a very minor issue. --- src/http_conv.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/http_conv.c b/src/http_conv.c index 5449f7adc..ed276b2e8 100644 --- a/src/http_conv.c +++ b/src/http_conv.c @@ -273,6 +273,9 @@ static int sample_conv_url_dec(const struct arg *args, struct sample *smp, void smp->flags &= ~SMP_F_CONST; } + if (smp->data.u.str.size <= smp->data.u.str.data) + return 0; + /* Add final \0 required by url_decode(), and convert the input string. */ smp->data.u.str.area[smp->data.u.str.data] = '\0'; -- 2.47.3