Affects: 6.0.11
When working with this API definition
@GetMapping(path = "{param1}/foo/{param2}/bar", produces = APPLICATION_XML_VALUE)
@Operation(summary = "Gets Foo for provided Bar")
@ApiResponse(responseCode = "200", content = @Content(mediaType = APPLICATION_XML_VALUE, schema = @Schema(implementation = FooListResponse.class)))
FooListResponse getFooList(
@PathVariable("param1") final String param1,
@PathVariable("param2") final String param2,
@RequestParam(value = "param3", required = false) final Integer param3,
@RequestParam(value = "param4", required = false) final FooScope param4,
@RequestParam(value = "param5", required = false) final Boolean param5
);
and this implementation of the api
@Override
public FooListResponse getFooList(
final String param1,
final String param2,
@Nullable final Integer param3,
@Nullable final FooScope param4,
@Nullable final Boolean param5
) { .....
}
I get correct input validation for param3 values like "abc" or "69a": I get a 400 Bad Request with the reason for it. But using special characters as values, like "%" or "?", I get a null value for param3 in the implementation and not a Bad Request response.
In isolation this would not be a big issue, but combined with the optional nature of param3 I cannot distinguish between param3 not being set on purpose and not being set because of wrong input validation.
Comment From: rstoyanchev
The Servlet request parameter has a null value. For example:
@GetMapping("/foo")
void getFooList(HttpServletRequest request) {
String param3 = request.getParameter("param3");
System.out.println("param3='" + param3 + "'");
}
Sending param3=%
results in:
param3='null'
In other words, this comes from the Servlet container, which probably sanitizes the URL.
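The comment above pins the null down to the Servlet container: a value such as `%` is not a valid percent-escape, so the container cannot decode it and `getParameter("param3")` returns null, exactly as if the parameter had never been sent. Spring's type conversion to `Integer` never runs on a null, so no 400 is produced. The raw query string is still available untouched through `HttpServletRequest#getQueryString()`, which is enough to tell "absent" from "sent but undecodable". The following is an added example, not code from the issue, from Spring or from any Servlet container; the class `QueryParamProbe`, its `classify` method and the `State` enum are names chosen here, and the sample query strings are constructed to mirror the report. It assumes the parameter name itself is plain ASCII (not percent-encoded) and is handed the raw query string directly so that it runs stand-alone.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;

/**
 * Added example (not from the Spring issue or from Spring itself): classify a
 * query parameter from the RAW query string so that "not sent" can be told
 * apart from "sent but undecodable". In a controller the raw string comes from
 * HttpServletRequest#getQueryString(); here it is passed in as a plain String.
 */
public final class QueryParamProbe {

    /** Outcome of looking a parameter up in the raw query string. */
    public enum State { ABSENT, MALFORMED, PRESENT }

    /** State plus the decoded value (null unless PRESENT). */
    public record Result(State state, String value) {
        static Result absent() { return new Result(State.ABSENT, null); }
        static Result malformed() { return new Result(State.MALFORMED, null); }
        static Result present(String v) { return new Result(State.PRESENT, v); }
    }

    /**
     * @param rawQuery value of HttpServletRequest#getQueryString(); may be null
     * @param name     parameter name exactly as written in the URL (assumed plain ASCII)
     */
    public static Result classify(String rawQuery, String name) {
        if (rawQuery == null || rawQuery.isEmpty()) {
            return Result.absent();
        }
        for (String pair : rawQuery.split("&")) {
            int eq = pair.indexOf('=');
            String rawName = eq < 0 ? pair : pair.substring(0, eq);
            String rawValue = eq < 0 ? "" : pair.substring(eq + 1);
            if (!name.equals(rawName)) {
                continue; // some other parameter, or an empty "a&&b" segment
            }
            try {
                // URLDecoder rejects incomplete or non-hex escapes such as "%", "%2" or "%zz"
                // with an IllegalArgumentException; that is the "sent but undecodable" case.
                return Result.present(URLDecoder.decode(rawValue, StandardCharsets.UTF_8));
            } catch (IllegalArgumentException ex) {
                return Result.malformed();
            }
        }
        return Result.absent();
    }

    public static void main(String[] args) {
        // Constructed sample query strings mirroring the report: no query at all,
        // param3 genuinely omitted, a good value, and two undecodable escapes.
        String[] samples = { null, "param1=x&param5=true", "param3=42", "param3=%", "param3=%2" };
        for (String q : samples) {
            System.out.printf("%-24s -> %s%n", q, classify(q, "param3"));
        }
    }
}
```

In the controller from the report the probe would be called with `request.getQueryString()` (so the method needs an `HttpServletRequest` argument, or a `ServletRequestAttributes` lookup) and a `MALFORMED` result turned into a 400, for instance by throwing `ResponseStatusException(HttpStatus.BAD_REQUEST, ...)`; `ABSENT` keeps the existing "optional, not set" meaning. Two caveats: exactly how a container reacts to an undecodable parameter (dropping just that parameter, dropping the rest of the query, or rejecting the request) is implementation-specific, so verify against the container you deploy on, and the probe only inspects the query string, not form-encoded POST bodies.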