diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc
index 7565dd10..842bb65f 100644
--- a/src/actions/transformations/hex_decode.cc
+++ b/src/actions/transformations/hex_decode.cc
@@ -24,32 +24,52 @@
 
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-
+#include "src/utils.h"
 
 namespace modsecurity {
 namespace actions {
 namespace transformations {
 
 
-HexDecode::HexDecode(std::string action)
-    : Transformation(action) {
-    this->action_kind = 1;
+std::string HexDecode::evaluate(std::string value,
+    Transaction *transaction) {
+    std::string ret;
+    unsigned char *input = NULL;
+    int size = 0;
+
+    input = reinterpret_cast<unsigned char *>
+        (malloc(sizeof(char) * value.length()+1));
+
+    if (input == NULL) {
+        return "";
+    }
+
+    memcpy(input, value.c_str(), value.length()+1);
+
+    size = inplace(input, value.length());
+
+    ret.assign(reinterpret_cast<char *>(input), size);
+    free(input);
+
+    return ret;
 }
 
 
-std::string HexDecode::evaluate(std::string value,
-    Transaction *transaction) {
-    int len = value.length();
-    std::string newString;
+int HexDecode::inplace(unsigned char *data, int len) {
+    unsigned char *d = data;
+    int i, count = 0;
 
-    for (int i=0; i< len; i+=2) {
-        std::string byte = value.substr(i, 2);
-        char chr =  static_cast<char>(static_cast<int>(strtol(byte.c_str(),
-            NULL, 16)));
-        newString.push_back(chr);
+    if ((data == NULL) || (len == 0)) {
+        return 0;
     }
 
-    return newString;
+    for (i = 0; i <= len - 2; i += 2) {
+        *d++ = x2c(&data[i]);
+        count++;
+    }
+    *d = '\0';
+
+    return count;
 }
 
 
diff --git a/src/actions/transformations/hex_decode.h b/src/actions/transformations/hex_decode.h
index 1ec6e592..c7aa8ad0 100644
--- a/src/actions/transformations/hex_decode.h
+++ b/src/actions/transformations/hex_decode.h
@@ -30,9 +30,12 @@ namespace transformations {
 
 class HexDecode : public Transformation {
  public:
-    explicit HexDecode(std::string action);
+    explicit HexDecode(std::string action) : Transformation(action) { }
+
     std::string evaluate(std::string exp,
         Transaction *transaction) override;
+
+    static int inplace(unsigned char *data, int len);
 };
 
 }  // namespace transformations
diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc
index a98d3ad7..e934191a 100644
--- a/src/actions/transformations/utf8_to_unicode.cc
+++ b/src/actions/transformations/utf8_to_unicode.cc
@@ -45,11 +45,12 @@ std::string Utf8ToUnicode::evaluate(std::string value,
         return "";
     }
 
-    inplace(input, value.size() + 1, &changed);
-
     memcpy(input, value.c_str(), value.length()+1);
 
-    ret.assign(reinterpret_cast<char *>(input), 10);
+    inplace(input, value.size() + 1, &changed);
+
+    ret.assign(reinterpret_cast<char *>(input),
+        strlen(reinterpret_cast<char *>(input)));
     free(input);
 
     return ret;