From 2bb27aa25d51020ad8b3570c880530ba0bff833b Mon Sep 17 00:00:00 2001
From: yhirose <yuji.hirose.bug@gmail.com>
Date: Fri, 1 Jun 2018 23:04:17 -0400
Subject: [PATCH] Fix #74

---
 httplib.h    | 10 +++++++---
 test/test.cc |  7 +++++++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/httplib.h b/httplib.h
index fc525c3..683cc2b 100644
--- a/httplib.h
+++ b/httplib.h
@@ -938,8 +938,12 @@ inline bool is_hex(char c, int& v)
     return false;
 }
 
-inline bool from_hex_to_i(const std::string& s, int i, int cnt, int& val)
+inline bool from_hex_to_i(const std::string& s, size_t i, size_t cnt, int& val)
 {
+    if (i >= s.size()) {
+        return false;
+    }
+
     val = 0;
     for (; cnt; i++, cnt--) {
         if (!s[i]) {
@@ -992,8 +996,8 @@ inline std::string decode_url(const std::string& s)
 {
     std::string result;
 
-    for (int i = 0; s[i]; i++) {
-        if (s[i] == '%') {
+    for (size_t i = 0; s[i]; i++) {
+        if (s[i] == '%' && i + 1 < s.size()) {
             if (s[i + 1] && s[i + 1] == 'u') {
                 int val = 0;
                 if (from_hex_to_i(s, i + 2, 4, val)) {
diff --git a/test/test.cc b/test/test.cc
index 6b7f624..3e85730 100644
--- a/test/test.cc
+++ b/test/test.cc
@@ -643,6 +643,13 @@ TEST_F(ServerTest, InvalidPercentEncodingUnicode)
 	EXPECT_EQ(404, res->status);
 }
 
+TEST_F(ServerTest, EndWithPercentCharacterInQuery)
+{
+    auto res = cli_.Get("/hello?aaa=bbb%");
+    ASSERT_TRUE(res != nullptr);
+    EXPECT_EQ(404, res->status);
+}
+
 TEST_F(ServerTest, MultipartFormData)
 {
     Request req;