authorDaniel Kamil Kozar <dkk089@gmail.com>2017-09-29 18:48:51 +0200
committerDaniel Kamil Kozar <dkk089@gmail.com>2017-09-29 18:48:51 +0200
commit56e04700db3ca4a4eedf375c87418610777806fd (patch)
tree549b8a02629f70b78814664b02cb980875dc378e
parent4e0d38dec2c9bd84cd88ff2039c93522af884974 (diff)
downloadpidgin-56e04700db3ca4a4eedf375c87418610777806fd.tar.gz
Add unit tests for xdg-open URI escaping
Move the implementation of xdg-open URI escaping to a separate function called purple_uri_escape_for_open and add a unit test for it.
-rw-r--r--libpurple/tests/test_util.c22
-rw-r--r--libpurple/util.c11
-rw-r--r--libpurple/util.h11
-rw-r--r--pidgin/gtknotify.c8
4 files changed, 45 insertions, 7 deletions
diff --git a/libpurple/tests/test_util.c b/libpurple/tests/test_util.c
index 303a056117..4239d9312c 100644
--- a/libpurple/tests/test_util.c
+++ b/libpurple/tests/test_util.c
@@ -232,6 +232,24 @@ START_TEST(test_strdup_withhtml)
}
END_TEST
+START_TEST(test_uri_escape_for_open)
+{
+ /* make sure shell stuff is escaped... */
+ gchar *result = purple_uri_escape_for_open("https://$(xterm)");
+ assert_string_equal_free("https://%24%28xterm%29", result);
+
+ result = purple_uri_escape_for_open("https://`xterm`");
+ assert_string_equal_free("https://%60xterm%60", result);
+
+ result = purple_uri_escape_for_open("https://$((25 + 13))");
+ assert_string_equal_free("https://%24%28%2825%20+%2013%29%29", result);
+
+ /* ...but keep brackets so that ipv6 links can be opened. */
+ result = purple_uri_escape_for_open("https://[123:4567:89a::::]");
+ assert_string_equal_free("https://[123:4567:89a::::]", result);
+}
+END_TEST
+
Suite *
util_suite(void)
{
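Review bot: test_uri_escape_for_open asserts only the characters that get encoded plus the bracket case, so the rest of the allow-list that the util.c hunk passes to g_uri_escape_string (`:;/%#,+?=&@`) is not pinned, and a later edit to that string would go unnoticed. I would add one assertion for a URI that must come back unchanged, e.g. `result = purple_uri_escape_for_open("https://example.com/a?b=1&c=2;d#e");` followed by `assert_string_equal_free("https://example.com/a?b=1&c=2;d#e", result);` (the sample URI is constructed for this note). An already percent-encoded input such as `"https://example.com/%24"` deserves a line as well, because `%` is kept and the test would document that the helper does not double-encode.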
@@ -284,5 +302,9 @@ util_suite(void)
tcase_add_test(tc, test_strdup_withhtml);
suite_add_tcase(s, tc);
+ tc = tcase_create("escape_uri_for_open");
+ tcase_add_test(tc, test_uri_escape_for_open);
+ suite_add_tcase(s, tc);
+
return s;
}
diff --git a/libpurple/util.c b/libpurple/util.c
index 044a7acff0..ba7ad4b152 100644
--- a/libpurple/util.c
+++ b/libpurple/util.c
@@ -4583,6 +4583,17 @@ purple_uri_list_extract_filenames(const gchar *uri_list)
return result;
}
+char *
+purple_uri_escape_for_open(const char *unescaped)
+{
+ /* Replace some special characters like $ with their percent-encoded value.
+ * This shouldn't be necessary because we shell-escape the entire arg before
+ * exec'ing the browser, however, we had a report that a URL containing
+ * $(xterm) was causing xterm to start on his system. This is obviously a
+ * bug on his system, but it's pretty easy for us to protect against it. */
+ return g_uri_escape_string(unescaped, "[]:;/%#,+?=&@", FALSE);
+}
+
/**************************************************************************
* UTF8 String Functions
**************************************************************************/
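Review bot: The comment carried over into purple_uri_escape_for_open still says "we shell-escape the entire arg before exec'ing the browser", which describes the caller in pidgin/gtknotify.c and not this libpurple helper, so a new caller could read it as a guarantee the function itself provides. The allow-list `"[]:;/%#,+?=&@"` also leaves `;`, `&`, `#`, `?` and the brackets untouched, all of which a shell treats specially, so the result is defence in depth only and is not safe to splice into a command line. The doc comment in the libpurple/util.h hunk ("any characters that might be interpreted by the shell") overstates the contract in the same way. I would reword the comment along the lines of `/* Percent-encodes everything outside the unreserved set and "[]:;/%#,+?=&@"; callers must still pass the result as a single argv element, never through a shell. */`.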
diff --git a/libpurple/util.h b/libpurple/util.h
index ede673e19e..d7ae1957ca 100644
--- a/libpurple/util.h
+++ b/libpurple/util.h
@@ -1330,6 +1330,17 @@ GList *purple_uri_list_extract_uris(const gchar *uri_list);
*/
GList *purple_uri_list_extract_filenames(const gchar *uri_list);
+/**
+ * This function escapes any characters that might be interpreted by the shell
+ * when executing a program to open a URI on some systems.
+ *
+ * @param unescaped The unescaped URI.
+ *
+ * @return A newly allocated string with any shell metacharacters replaced with
+ * their escaped equivalents.
+ */
+char *purple_uri_escape_for_open(const char *unescaped);
+
/*@}*/
/**************************************************************************
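Review bot: The @return text for purple_uri_escape_for_open does not say who owns the string or how to release it. Since the implementation returns the result of g_uri_escape_string, I would add `The caller must g_free() the returned string.` to the @return paragraph. It is also worth stating that a NULL argument yields NULL (g_uri_escape_string rejects NULL input, as far as I know), so callers know the result can be NULL.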
diff --git a/pidgin/gtknotify.c b/pidgin/gtknotify.c
index f23a8ffee8..25dc2ac4ac 100644
--- a/pidgin/gtknotify.c
+++ b/pidgin/gtknotify.c
@@ -1284,13 +1284,7 @@ pidgin_notify_uri(const char *uri)
GSList *argv = NULL, *argv_remote = NULL;
gchar **usercmd_argv = NULL;
- /* Replace some special characters like $ with their percent-encoded
- value. This shouldn't be necessary because we shell-escape the entire
- arg before exec'ing the browser, however, we had a report that a URL
- containing $(xterm) was causing xterm to start on his system. This is
- obviously a bug on his system, but it's pretty easy for us to protect
- against it. */
- uri_escaped = g_uri_escape_string(uri, "[]:;/%#,+?=&@", FALSE);
+ uri_escaped = purple_uri_escape_for_open(uri);
web_browser = purple_prefs_get_string(PIDGIN_PREFS_ROOT
"/browsers/browser");