[mapserver-commits] [MapServer/MapServer] 6364c7: [Backport branch-8-6] cgiutil: fix handling of mal...
github-actions[bot]
noreply at github.com
Tue May 26 12:20:45 PDT 2026
Branch: refs/heads/branch-8-6
Home: https://github.com/MapServer/MapServer
Commit: 6364c71bff48d669fd62866ad52e2b1292f23da9
https://github.com/MapServer/MapServer/commit/6364c71bff48d669fd62866ad52e2b1292f23da9
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date: 2026-05-26 (Tue, 26 May 2026)
Changed paths:
M src/cgiutil.c
M src/cgiutil.h
Log Message:
-----------
[Backport branch-8-6] cgiutil: fix handling of malformed percent-encoding (#7515)
* cgiutil: fix handling of malformed percent-encoding
unescape_url() implicitly assumed that two hex digits
follow the percent sign without any checks.
This led to an out-of-bounds read on malformed
percent-encoded URLs, such as "/?foo=bar%", and
undefined behavior if non-hex digits were supplied.
Fix this by verifying that two hex digits follow
the percent sign and only unescape it in this case.
In the malformed case, leave the percent-sign and
the following digits as-is.
Signed-off-by: Stefan Gloor <code at stefan-gloor.ch>
* Apply suggestions from code review
Co-authored-by: Even Rouault <even.rouault at spatialys.com>
* Formatting fix
* Apply suggestions from code review
Co-authored-by: Even Rouault <even.rouault at spatialys.com>
---------
Signed-off-by: Stefan Gloor <code at stefan-gloor.ch>
Co-authored-by: Stefan Gloor <code at stefan-gloor.ch>
Co-authored-by: Even Rouault <even.rouault at spatialys.com>
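The bug pattern the commit message describes, as an added example that is not MapServer's cgiutil.c or any code from the authors above: `unescape_url_naive` is a hypothetical decoder with the original assumption (two bytes always follow `%`, no hex check), and `unescape_url_safe` is the corrected form that decodes only when two hex digits follow and otherwise copies the `%` and what follows through unchanged. The function names, the `decode_safe` wrapper and the sample inputs are all assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Example code added here; it is not MapServer's cgiutil.c. Both decoders
   are hypothetical reimplementations written to illustrate the commit
   message, and the sample inputs in main() are constructed. */

/* Value of one hex digit, or -1 for anything else (including NUL). */
static int hex_nibble(unsigned char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Naive decoder with the flaw described in the commit message: after '%'
   it consumes two bytes unconditionally. On "/?foo=bar%" src[1] is the NUL
   terminator and src[2] is already past the end of the string, and on
   "%zz" the shift runs on -1 (undefined behaviour). Kept only for
   comparison; never call it on untrusted input. */
void unescape_url_naive(char *url) {
    char *src = url, *dst = url;
    while (*src) {
        if (*src == '%') {
            *dst++ = (char)((hex_nibble((unsigned char)src[1]) << 4) |
                            hex_nibble((unsigned char)src[2]));
            src += 3;
        } else {
            *dst++ = *src++;
        }
    }
    *dst = '\0';
}

/* Fixed decoder: a '%' is decoded only when two hex digits follow; a
   malformed sequence is copied through unchanged. hex_nibble(src[1]) is
   checked before src[2] is touched, so if src[1] is the NUL terminator the
   byte after it is never read. */
void unescape_url_safe(char *url) {
    char *src = url, *dst = url;
    while (*src) {
        if (*src == '%') {
            int hi = hex_nibble((unsigned char)src[1]);
            int lo = (hi >= 0) ? hex_nibble((unsigned char)src[2]) : -1;
            if (hi >= 0 && lo >= 0) {
                *dst++ = (char)((hi << 4) | lo);
                src += 3;
                continue;
            }
        }
        *dst++ = *src++;
    }
    *dst = '\0';
}

/* Convenience wrapper: decodes a copy of `in` with the fixed decoder and
   returns it (static buffer, so not thread-safe; fine for a demo). */
const char *decode_safe(const char *in) {
    static char buf[256];
    snprintf(buf, sizeof buf, "%s", in);
    unescape_url_safe(buf);
    return buf;
}

int main(void) {
    /* Constructed inputs: one well-formed, the rest malformed in the ways
       the commit message mentions (trailing '%', non-hex digits, one digit). */
    const char *samples[] = {"a%2Fb%41", "/?foo=bar%", "x%zzy", "%4",
                             "100%25%", "%%41"};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %s\n", samples[i], decode_safe(samples[i]));
    return 0;
}
```

Two points worth checking when reviewing a fix like this: the second hex digit must not be examined unless the first one was valid, since on a trailing `%` the first byte after it is the terminator and the byte after that is out of bounds; and because decoding is in place, a well-formed `%00` still produces an embedded NUL that truncates the C string, which this change does not alter and which callers need to be aware of.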