From 448f7f0936fe8b92b472cdb608195382b8eeba34 Mon Sep 17 00:00:00 2001
From: Michael Vetter <jubalh@iodoru.org>
Date: Fri, 19 Jun 2020 20:17:20 +0200
Subject: Use shell to start eval_password command

Since https://github.com/profanity-im/profanity/commit/d92c576aa53505d712715b1acc6344af3262c84f
we rely on g_spawn_sync().
Which doesn't do variable/glob expansion.

For our use of call_external() in opening and URL or avatar this is
fine.

For getting the password we want to be able to use ~ for our files.
Let's use a shell here.

Fix https://github.com/profanity-im/profanity/issues/1364
---
 src/config/account.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'src/config')

diff --git a/src/config/account.c b/src/config/account.c
index 1fc13429..6fc80eb7 100644
--- a/src/config/account.c
+++ b/src/config/account.c
@@ -201,16 +201,12 @@ account_eval_password(ProfAccount *account)
     assert(account->eval_password != NULL);
 
     gchar **output = NULL;
-    gchar **argv = g_strsplit(account->eval_password, " ", 0);
 
+    gchar *argv[] = {"sh", "-c", account->eval_password};
     if (!call_external(argv, &output, NULL)) {
-        g_strfreev(argv);
-        argv = NULL;
         return FALSE;
     }
 
-    g_strfreev(argv);
-
     if (!output || !output[0]) {
         log_error("Failed to read eval_password output");
         g_strfreev(output);
-- 
cgit 1.4.1-2-gfad0