From 53834c1874a6a26c0805046e1f580a233f170bd8 Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Fri, 22 Nov 2019 11:23:19 +0100
Subject: [PATCH] Fix invalid byte sequence

---
 .../security-dos-issue-and-commit-comments-master.yml        | 5 +++++
 lib/banzai/filter/relative_link_filter.rb                    | 2 +-
 spec/lib/banzai/filter/relative_link_filter_spec.rb          | 5 +++++
 3 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml

diff --git a/changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml b/changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml
new file mode 100644
index 00000000000..c84cebdcca0
--- /dev/null
+++ b/changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml
@@ -0,0 +1,5 @@
+---
+title: Fix 500 error caused by invalid byte sequences in links
+merge_request:
+author:
+type: security
diff --git a/lib/banzai/filter/relative_link_filter.rb b/lib/banzai/filter/relative_link_filter.rb
index c7589e69262..583b0081319 100644
--- a/lib/banzai/filter/relative_link_filter.rb
+++ b/lib/banzai/filter/relative_link_filter.rb
@@ -172,7 +172,7 @@ module Banzai
       end
 
       def cleaned_file_path(uri)
-        Addressable::URI.unescape(uri.path).delete("\0").chomp("/")
+        Addressable::URI.unescape(uri.path).scrub.delete("\0").chomp("/")
       end
 
       def relative_file_path(uri)
diff --git a/spec/lib/banzai/filter/relative_link_filter_spec.rb b/spec/lib/banzai/filter/relative_link_filter_spec.rb
index 046c346a7ac..371c7a2347c 100644
--- a/spec/lib/banzai/filter/relative_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/relative_link_filter_spec.rb
@@ -119,6 +119,11 @@ describe Banzai::Filter::RelativeLinkFilter do
     expect { filter(act) }.not_to raise_error
   end
 
+  it 'does not raise an exception on URIs containing invalid utf-8 byte sequences' do
+    act = link("%FF")
+    expect { filter(act) }.not_to raise_error
+  end
+
   it 'does not raise an exception with a garbled path' do
     act = link("open(/var/tmp/):%20/location%0Afrom:%20/test")
     expect { filter(act) }.not_to raise_error