Merge pull request #6026 from matrix-org/t3chguy/fix/17281

Wrap decodeURIComponent in try-catch to protect against malformed URIs

src/linkify-matrix.js

@@ -254,11 +254,15 @@ matrixLinkify.options = {
 
     target: function(href, type) {
         if (type === 'url') {
-            const transformed = tryTransformPermalinkToLocalHref(href);
+            try {
-            if (transformed !== href || decodeURIComponent(href).match(matrixLinkify.ELEMENT_URL_PATTERN)) {
+                const transformed = tryTransformPermalinkToLocalHref(href);
-                return null;
+                if (transformed !== href || decodeURIComponent(href).match(matrixLinkify.ELEMENT_URL_PATTERN)) {
-            } else {
+                    return null;
-                return '_blank';
+                } else {
+                    return '_blank';
+                }
+            } catch (e) {
+                // malformed URI
             }
         }
         return null;

src/utils/permalinks/Permalinks.ts

@@ -346,9 +346,14 @@ export function tryTransformPermalinkToLocalHref(permalink: string): string {
         return permalink;
     }
 
-    const m = decodeURIComponent(permalink).match(matrixLinkify.ELEMENT_URL_PATTERN);
+    try {
-    if (m) {
+        const m = decodeURIComponent(permalink).match(matrixLinkify.ELEMENT_URL_PATTERN);
-        return m[1];
+        if (m) {
+            return m[1];
+        }
+    } catch (e) {
+        // Not a valid URI
+        return permalink;
     }
 
     // A bit of a hack to convert permalinks of unknown origin to Element links