From 3d708e239b55265dca9a3c4fcbfab35aa4be1236 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 28 Feb 2026 10:48:59 +0100
Subject: [PATCH] urlapi: use U_CURLU_URLDECODE when toggling it off unsigned

In this use case 'unsigned value &= ~DEFINE;

As otherwise the right side is treated as signed, which annoyingly
triggers UBSan. The U_* defines are local versions of the public define,
only typecast to unsigned.

Reported-by: xmoezzz on github
Fixes #20753
Closes #20769
---
 lib/urlapi-int.h | 3 +++
 lib/urlapi.c     | 6 +++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/urlapi-int.h b/lib/urlapi-int.h
index fbce1837ff..29d4fe5f39 100644
--- a/lib/urlapi-int.h
+++ b/lib/urlapi-int.h
@@ -37,4 +37,7 @@ UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, struct dynbuf *host,
                                    bool has_scheme);
 #endif
 
+#define U_CURLU_URLDECODE (unsigned int)CURLU_URLDECODE
+#define U_CURLU_PATH_AS_IS (unsigned int)CURLU_PATH_AS_IS
+
 #endif /* HEADER_CURL_URLAPI_INT_H */
diff --git a/lib/urlapi.c b/lib/urlapi.c
index f392b501bd..a4b82f31bd 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -1274,7 +1274,7 @@ static CURLUcode redirect_url(const char *base, const char *relurl,
   if(!curlx_dyn_addn(&urlbuf, base, prelen) &&
      !urlencode_str(&urlbuf, useurl, strlen(useurl), !host_changed, FALSE)) {
     uc = parseurl_and_replace(curlx_dyn_ptr(&urlbuf), u,
-                              flags & ~CURLU_PATH_AS_IS);
+                              flags & ~U_CURLU_PATH_AS_IS);
   }
   else
     uc = CURLUE_OUT_OF_MEMORY;
@@ -1555,7 +1555,7 @@ CURLUcode curl_url_get(const CURLU *u, CURLUPart what,
   case CURLUPART_SCHEME:
     ptr = u->scheme;
     ifmissing = CURLUE_NO_SCHEME;
-    flags &= ~CURLU_URLDECODE; /* never for schemes */
+    flags &= ~U_CURLU_URLDECODE; /* never for schemes */
     if((flags & CURLU_NO_GUESS_SCHEME) && u->guessed_scheme)
       return CURLUE_NO_SCHEME;
     break;
@@ -1582,7 +1582,7 @@ CURLUcode curl_url_get(const CURLU *u, CURLUPart what,
   case CURLUPART_PORT:
     ptr = u->port;
     ifmissing = CURLUE_NO_PORT;
-    flags &= ~CURLU_URLDECODE; /* never for port */
+    flags &= ~U_CURLU_URLDECODE; /* never for port */
     if(!ptr && (flags & CURLU_DEFAULT_PORT) && u->scheme) {
       /* there is no stored port number, but asked to deliver
          a default one for the scheme */