From a108b17e909436c99891a35dc15a43ef9d563921 Mon Sep 17 00:00:00 2001
From: Miroslav Pejic
Date: Tue, 6 Aug 2024 12:34:46 +0200
Subject: [PATCH] [mirotalksfu] - improvements
---
 app/src/Server.js | 5 ++---
 app/src/Validator.js | 17 +++++++++++------
 cloud/server.js | 12 +++++++++---
 package.json | 2 +-
 public/js/Common.js | 8 ++++----
 public/js/Room.js | 4 ++--
 public/js/RoomClient.js | 8 +++-----
 7 files changed, 32 insertions(+), 24 deletions(-)
diff --git a/app/src/Server.js b/app/src/Server.js
index 4eddbec9..6293a36d 100644
--- a/app/src/Server.js
+++ b/app/src/Server.js
@@ -44,7 +44,7 @@ dependencies: {
 * @license For commercial or closed source, contact us at license.mirotalk@gmail.com or purchase directly via CodeCanyon
 * @license CodeCanyon: https://codecanyon.net/item/mirotalk-sfu-webrtc-realtime-video-conferences/40769970
 * @author Miroslav Pejic - miroslav.pejic.85@gmail.com
- * @version 1.5.41
+ * @version 1.5.42
 *
 */
@@ -470,8 +470,7 @@ function startServer() {
 if (!Validator.isValidRoomName(room)) {
 return res.status(400).json({
- message:
- 'Invalid Room name! Must be a UUID4 or an ALPHANUMERIC string without special characters or spaces.',
+ message: 'Invalid Room name! Invalid Room name!\nPath traversal pattern detected!',
 });
 }
diff --git a/app/src/Validator.js b/app/src/Validator.js
index 1d7c89a3..8e78f851 100644
--- a/app/src/Validator.js
+++ b/app/src/Validator.js
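Review bot: The new 400 body at `message: 'Invalid Room name! Invalid Room name!\nPath traversal pattern detected!'` repeats its own prefix and embeds a newline inside a JSON API string, which reads as a copy-paste slip rather than intent. It also asserts a cause the handler cannot distinguish: `Validator.isValidRoomName` returns false for non-string input as well as for traversal patterns, and naming the filter that tripped tells a probing client exactly what is being matched. A neutral `message: 'Invalid Room name!'` is accurate in every rejected case. `startServer` begins and ends outside the hunk.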
@@ -4,21 +4,26 @@ function isValidRoomName(input) {
 if (typeof input !== 'string') {
 return false;
 }
- const pattern = /^(?:[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|[A-Za-z0-9-_]+)$/;
- return pattern.test(input);
+ return !hasPathTraversal(input);
 }
 function isValidRecFileNameFormat(input) {
 if (typeof input !== 'string') {
 return false;
 }
- const pattern = /^Rec_(?:[A-Za-z0-9-_]+|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})_\d{4}_\d{2}_\d{2}_\d{2}_\d{2}_\d{2}\.(webm)$/;
- return pattern.test(input);
+ if (!input.startsWith('Rec_') || !input.endsWith('.webm')) {
+ return false;
+ }
+ return !hasPathTraversal(input);
+ }
+
+ function hasPathTraversal(input) {
+ const pathTraversalPattern = /(\.\.(\/|\\))+/;
+ return pathTraversalPattern.test(input);
 }
 module.exports = {
 isValidRoomName,
 isValidRecFileNameFormat,
+ hasPathTraversal,
 };
diff --git a/cloud/server.js b/cloud/server.js
index 60640f72..e269f26f 100644
--- a/cloud/server.js
+++ b/cloud/server.js
@@ -92,7 +92,13 @@ function isValidRecFileNameFormat(input) {
 if (typeof input !== 'string') {
 return false;
 }
- const pattern = /^Rec_(?:[A-Za-z0-9-_]+|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})_\d{4}_\d{2}_\d{2}_\d{2}_\d{2}_\d{2}\.(webm)$/;
- return pattern.test(input);
+ if (!input.startsWith('Rec_') || !input.endsWith('.webm')) {
+ return false;
+ }
+ return !hasPathTraversal(input);
+ }
+
+ function hasPathTraversal(input) {
+ const pathTraversalPattern = /(\.\.(\/|\\))+/;
+ return pathTraversalPattern.test(input);
 }
diff --git a/package.json b/package.json
index d5d6b04e..0d478efd 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "mirotalksfu",
- "version": "1.5.41",
+ "version": "1.5.42",
 "description": "WebRTC SFU browser-based video calls",
 "main": "Server.js",
 "scripts": {
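Review bot: Replacing the anchored allowlist with `!hasPathTraversal(input)` turns both validators into a denylist that only rejects `..` when a `/` or `\` follows it, so `isValidRoomName('..')` now returns true (and `path.join(dir, '..')` climbs a level if a room name is ever joined into a filesystem path), as do `%2e%2e%2f` should the value be decoded later, absolute paths, whitespace, quotes and `<`; the removed pattern excluded every one of these. The UUID4 alternative in the old regex was already a subset of `[A-Za-z0-9-_]+`, so the strict rule is a single line, `return /^[A-Za-z0-9_-]+$/.test(input) && !hasPathTraversal(input);` in `isValidRoomName`, and `return /^Rec_[A-Za-z0-9_-]+_\d{4}(?:_\d{2}){5}\.webm$/.test(input);` in `isValidRecFileNameFormat`, which also restores the timestamp shape that `startsWith`/`endsWith` cannot pin (`Rec_.webm` passes as written). If the goal was to admit a wider set of names, widen the character class rather than drop the anchors; `hasPathTraversal` is reasonable as defense in depth but not as the only gate.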
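Review bot: This copy of `isValidRecFileNameFormat` now accepts any string that begins with `Rec_`, ends with `.webm` and lacks `../` or `..\`, so a name with NUL bytes, newlines, `:` or an empty middle (`Rec_.webm`) passes, where the removed pattern constrained the body to `[A-Za-z0-9-_]` plus a `_YYYY_MM_DD_HH_MM_SS` stamp. An anchored allowlist keeps the accepted shape explicit and needs no separate traversal check: `return /^Rec_[A-Za-z0-9_-]+_\d{4}(?:_\d{2}){5}\.webm$/.test(input);`. The duplicated `hasPathTraversal` will drift from `app/src/Validator.js` silently; presumably this file cannot import that module, so at least mark it `// keep in sync with app/src/Validator.js hasPathTraversal` so the next change touches both.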
diff --git a/public/js/Common.js b/public/js/Common.js
index 400a711d..383a2a7a 100644
--- a/public/js/Common.js
+++ b/public/js/Common.js
@@ -222,9 +222,10 @@ function joinRoom() {
 return;
 }
 if (!roomValid) {
- alert('Invalid Room name!\nMust be a UUID4 or an ALPHANUMERIC string without special characters.');
+ alert('Invalid Room name!\nPath traversal pattern detected!');
 return;
 }
+ window.location.href = '/join/' + roomName;
 window.localStorage.lastRoom = roomName;
 }
@@ -233,9 +234,8 @@ function isValidRoomName(input) {
 if (typeof input !== 'string') {
 return false;
 }
- const pattern = /^(?:[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|[A-Za-z0-9-_]+)$/;
- return pattern.test(input);
+ const pathTraversalPattern = /(\.\.(\/|\\))+/;
+ return !pathTraversalPattern.test(input);
 }
 function adultContent() {
diff --git a/public/js/Room.js b/public/js/Room.js
index 987cdf34..3239f996 100644
--- a/public/js/Room.js
+++ b/public/js/Room.js
@@ -11,7 +11,7 @@ if (location.href.substr(0, 5) !== 'https') location.href = 'https' + location.h
 * @license For commercial or closed source, contact us at license.mirotalk@gmail.com or purchase directly via CodeCanyon
 * @license CodeCanyon: https://codecanyon.net/item/mirotalk-sfu-webrtc-realtime-video-conferences/40769970
 * @author Miroslav Pejic - miroslav.pejic.85@gmail.com
- * @version 1.5.41
+ * @version 1.5.42
 *
 */
@@ -4335,7 +4335,7 @@ function showAbout() {
 imageUrl: image.about,
 customClass: { image: 'img-about' },
 position: 'center',
- title: 'WebRTC SFU v1.5.41',
+ title: 'WebRTC SFU v1.5.42',
 html: `
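Review bot: `window.location.href = '/join/' + roomName;` concatenates a user-typed name straight into the path, and because `isValidRoomName` in this same file no longer restricts characters, a name containing `/`, `?`, `#` or a space now changes the route instead of being rejected; encode it, `window.location.href = '/join/' + encodeURIComponent(roomName);`. Assigning `location.href` does not stop the running script, so the `window.localStorage.lastRoom = roomName;` on the next line most likely still executes, but writing the storage before navigating removes any dependence on that timing. `joinRoom` starts outside the hunk, so I cannot see whether navigation previously happened elsewhere.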
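Review bot: The client-side `isValidRoomName` now rejects only `..` followed by a slash or backslash, so `..`, `a/b`, `<b>x</b>` and whitespace-only names pass the local check, whereas the removed pattern limited names to `[A-Za-z0-9-_]` (its UUID4 branch was a subset of that class). This runs in the browser and is only a usability check, the server must stay authoritative, but keeping it as an anchored allowlist avoids a round trip for names the server should refuse: `return /^[A-Za-z0-9_-]+$/.test(input);`. It would also keep the alert text honest, since a name like `a b` is not a "path traversal pattern".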
diff --git a/public/js/RoomClient.js b/public/js/RoomClient.js
index 055449f4..815b054e 100644
--- a/public/js/RoomClient.js
+++ b/public/js/RoomClient.js
@@ -9,7 +9,7 @@
 * @license For commercial or closed source, contact us at license.mirotalk@gmail.com or purchase directly via CodeCanyon
 * @license CodeCanyon: https://codecanyon.net/item/mirotalk-sfu-webrtc-realtime-video-conferences/40769970
 * @author Miroslav Pejic - miroslav.pejic.85@gmail.com
- * @version 1.5.41
+ * @version 1.5.42
 *
 */
@@ -400,9 +400,7 @@ class RoomClient {
 .then(async (room) => {
 console.log('##### JOIN ROOM #####', room);
 if (room === 'invalid') {
- console.log(
- '00-WARNING ----> Room is Invalid! Must be a UUID4 or an ALPHANUMERIC string without special characters or spaces',
- );
+ console.log('00-WARNING ----> Invalid Room name! Path traversal pattern detected!');
 return this.roomInvalid();
 }
 if (room === 'notAllowed') {
@@ -6178,7 +6176,7 @@ class RoomClient {
 background: swalBackground,
 imageUrl: image.forbidden,
 title: 'Oops, Room not valid',
- text: 'Invalid room name! Must be a UUID4 or an ALPHANUMERIC string without special characters or spaces',
+ text: 'Invalid Room name! Path traversal pattern detected!',
 confirmButtonText: `OK`,
 showClass: { popup: 'animate__animated animate__fadeInDown' },
 hideClass: { popup: 'animate__animated animate__fadeOutUp' },