From 2ac24f1c88b7cd85ee7e9b189fc524fae74e78af Mon Sep 17 00:00:00 2001
From: Ruslan Ermilov <ru@nginx.com>
Date: Tue, 8 Oct 2019 21:56:14 +0300
Subject: [PATCH] Improved detection of broken percent encoding in URI.

---
 src/http/ngx_http_parse.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index 8e1b11852..b8a27e084 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -1561,6 +1561,10 @@ ngx_http_parse_complex_uri(ngx_http_request_t *r, ngx_uint_t merge_slashes)
         }
     }
 
+    if (state == sw_quoted || state == sw_quoted_second) {
+        return NGX_HTTP_PARSE_INVALID_REQUEST;
+    }
+
 done:
 
     r->uri.len = u - r->uri.data;