Bump minimist from 1.2.5 to 1.2.6 in /tubio-frontend-nuxt-app

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

.gitignore

@@ -11,6 +11,7 @@
 *.sln.docstates
 
 # Tubio files
+/Tubio/Tubio
 config.json
 log.txt
 log.json
@@ -28,6 +29,7 @@ ffprobe.exe
 mono_crash.*
 
 # Build results
+build/
 [Dd]ebug/
 [Dd]ebugPublic/
 [Rr]elease/
@@ -371,4 +373,4 @@ MigrationBackup/
 .ionide/
 
 # Fody - auto-generated XML schema
-FodyWeavers.xsd
+FodyWeavers.xsd

Tubio/CMakeLists.txt

@@ -0,0 +1,51 @@
+cmake_minimum_required(VERSION 3.16)
+project(Tubio)
+
+# Set C++ standard
+set(CMAKE_CXX_STANDARD 17)
+
+# Add external-directories dir to include dir list
+include_directories(./external_dependencies/)
+
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++17")
+
+# Add absolutely kawaii sources to Tubio <3
+add_executable(Tubio
+        main.cpp
+        ConsoleManager.cpp
+        ConsoleManager.h
+        DownloadManager.cpp
+        DownloadManager.h
+        FileSystem.cpp
+        FileSystem.h
+        Framework.cpp
+        Framework.h
+        HttpServer.cpp
+        HttpServer.h
+        Idler.cpp
+        Idler.h
+        LogHistory.cpp
+        LogHistory.h
+        LogTypes.h
+        Logger.cpp
+        Logger.h
+        RestQueryHandler.cpp
+        RestQueryHandler.h
+        RestResponseTemplates.cpp
+        RestResponseTemplates.h
+        TimeUnits.h
+        Updater.cpp
+        Updater.h
+        Version.h
+        XGConfig.cpp
+        XGConfig.h
+        XGControl.cpp
+        XGControl.h
+        external_dependencies/casenta/mongoose/mongoose.c
+        external_dependencies/casenta/mongoose/mongoose.h
+        external_dependencies/leonetienne/JasonPP/JasonPP.cpp
+        external_dependencies/leonetienne/JasonPP/JasonPP.hpp
+        external_dependencies/leonetienne/stringtools/StringTools.cpp
+        external_dependencies/leonetienne/stringtools/StringTools.h
+)
+

Tubio/FileSystem.cpp

@@ -1,4 +1,4 @@
-#include "Filesystem.h"
+#include "FileSystem.h"
 #ifdef _WIN
 #include <Windows.h>
 #endif

Tubio/HttpServer.cpp

@@ -1,4 +1,5 @@
 #include "HttpServer.h"
+#include "external_dependencies/leonetienne/stringtools/StringTools.h"
 
 using namespace Logging;
 using namespace Rest;
@@ -137,6 +138,15 @@ void HttpServer::EventHandler(mg_connection* pNc, int ev, void* p)
 	return;
 }
 
+std::string HttpServer::SanitizeString(std::string in) {
+  in = StringTools::Replace(in, '`', "\\\\`");
+  in = StringTools::Replace(in, '|', "\\\\|");
+  in = StringTools::Replace(in, '$', "\\\\$");
+  in = StringTools::Replace(in, "&&", "\\\\&\\\\&");
+
+  return in;
+}
+
 void HttpServer::ProcessAPIRequest(mg_connection* pNc, int ev, void* p, std::string peerAddress)
 {
 	// Get struct with http message informations
@@ -144,6 +154,9 @@ void HttpServer::ProcessAPIRequest(mg_connection* pNc, int ev, void* p, std::str
 
 	// Get the transmitted message body
 	std::string requestBodyRaw = FixUnterminatedString(hpm->body.p, hpm->body.len);
+  
+  // Sanitize it
+  requestBodyRaw = SanitizeString(requestBodyRaw);
 
 	// Check for the body being valid json
 	if (IsJsonValid(requestBodyRaw))

Tubio/HttpServer.h

@@ -31,6 +31,8 @@ namespace Rest
 
 		static bool IsConnectionAllowed(std::string peer_address, std::string& denialReason);
 
+    //! Will remove all `, | and && from a string to prevent remote code execution
+    static std::string SanitizeString(std::string in);
 
 		struct mg_mgr* pMgr;
 		struct mg_connection* pNc;

Tubio/Version.h

@@ -1,2 +1,2 @@
 #pragma once
-#define TUBIO_SERVER_VERSION (0.6)
+#define TUBIO_SERVER_VERSION (0.65)

Tubio/XGConfig.h

@@ -1,6 +1,6 @@
 #pragma once
 #include <vector>
-#include "Filesystem.h"
+#include "FileSystem.h"
 #include "external_dependencies/leonetienne/JasonPP/JasonPP.hpp"
 #include "Logger.h"
 

Tubio/external_dependencies/leonetienne/stringtools/StringTools.cpp

@@ -0,0 +1,155 @@
+#include "StringTools.h"
+#include <sstream>
+
+std::string StringTools::Replace(const std::string& str, const char find, const std::string& subst) {
+    std::stringstream ss;
+
+    for (std::size_t i = 0; i < str.length(); i++)
+    {
+        if (str[i] != find)
+            ss << str[i];
+        else
+            ss << subst;
+    }
+
+    return ss.str();
+}
+
+std::string StringTools::Replace(const std::string& str, const std::string& find, const std::string& subst) {
+    if (find.length() == 0)
+        return str;
+
+    std::stringstream ss;
+
+    std::size_t posFound = 0;
+    std::size_t lastFound = 0;
+
+    while (posFound != std::string::npos)
+    {
+        lastFound = posFound;
+        posFound = str.find(find, posFound);
+
+        if (posFound != std::string::npos)
+        {
+            ss << str.substr(lastFound, posFound - lastFound) << subst;
+            posFound += find.length();
+        }
+        else
+        {
+            ss << str.substr(lastFound, (str.length()) - lastFound);
+        }
+    }
+
+    return ss.str();
+}
+
+std::string StringTools::Replace(const std::string& str, const char find, const char subst) {
+    std::stringstream ss;
+    ss << subst;
+
+    return Replace(str, find, ss.str());
+}
+
+std::string StringTools::Replace(const std::string& str, const std::string& find, const char subst) {
+    std::stringstream ss;
+    ss << subst;
+
+    return Replace(str, find, ss.str());
+}
+
+std::string StringTools::Lower(const std::string& str) {
+    std::stringstream ss;
+
+    for (std::size_t i = 0; i < str.size(); i++)
+    {
+        const char c = str[i];
+
+        // Quick-accept: regular letters
+        if ((c >= 'A') && (c <= 'Z'))
+            ss << (char)(c | 32);
+
+            // Else: keep the character as is
+        else ss << c;
+    }
+
+    return ss.str();
+}
+
+std::string StringTools::Upper(const std::string& str) {
+    std::stringstream ss;
+
+    for (std::size_t i = 0; i < str.size(); i++)
+    {
+        const char c = str[i];
+
+        // Quick-accept: regular letters
+        if ((c >= 'a') && (c <= 'z'))
+            ss << (char)(c & ~32);
+
+            // Else: keep the character as is
+        else ss << c;
+    }
+
+    return ss.str();
+}
+
+std::vector<std::string> StringTools::Split(const std::string& str, const std::string& seperator) {
+    std::vector<std::string> toRet;
+    // Quick-accept: str length is 0
+    if (str.length() == 0)
+      toRet.push_back("");
+
+    // Quick-accept: seperator length is 0
+    else if (seperator.length() == 0) {
+      for (const char c : str)
+        toRet.push_back(std::string(&c, (&c) + 1));
+    }
+
+    else {
+      std::size_t idx = 0;
+      while (idx != std::string::npos) {
+        std::size_t lastIdx = idx;
+        idx = str.find(seperator, idx);
+
+        // Grab our substring until the next finding of sep
+        if (idx != std::string::npos) {
+          toRet.push_back(str.substr(
+            lastIdx,
+            idx - lastIdx
+          ));
+
+          idx += seperator.length();
+        }
+        // No more seperator found. Grab the rest until the end of the string
+        else {
+          toRet.push_back(str.substr(
+             lastIdx
+          ));
+        }
+      }
+    }
+
+    return toRet;
+}
+
+std::string StringTools::PadLeft(const std::string& str, const char pad, const std::size_t len) {
+  std::stringstream ss;
+
+  for (std::size_t i = str.length(); i < len; i++)
+    ss << pad;
+
+  ss << str;
+
+  return ss.str();
+}
+
+std::string StringTools::PadRight(const std::string& str, const char pad, const std::size_t len) {
+  std::stringstream ss;
+
+  ss << str;
+
+  for (std::size_t i = str.length(); i < len; i++)
+    ss << pad;
+
+  return ss.str();
+}

Tubio/external_dependencies/leonetienne/stringtools/StringTools.h

@@ -0,0 +1,43 @@
+#ifndef STRINGTOOLS_STRINGTOOLS_H
+#define STRINGTOOLS_STRINGTOOLS_H
+
+#include <string>
+#include <vector>
+
+/* Handy utensils to manipulate strings */
+class StringTools
+{
+public:
+  //! Will replace every occurence of `find` in `str` by `subst`.
+  static std::string Replace(const std::string& str, const char find, const std::string& subst);
+
+  //! Will replace every occurence of `find` in `str` by `subst`.
+  static std::string Replace(const std::string& str, const std::string& find, const std::string& subst);
+
+  //! Will replace every occurence of `find` in `str` by `subst`.
+  static std::string Replace(const std::string& str, const char find, const char subst);
+
+  //! Will replace every occurence of `find` in `str` by `subst`.
+  static std::string Replace(const std::string& str, const std::string& find, const char subst);
+
+  //! Will make a string all-lowercase.
+  static std::string Lower(const std::string& str);
+
+  //! Will make a string all-uppercase.
+  static std::string Upper(const std::string& str);
+
+  //! Will split a string by a string seperator
+  static std::vector<std::string> Split(const std::string& str, const std::string& seperator);
+
+  //! Will pad a string to the left to length l 
+  static std::string PadLeft(const std::string& str, const char pad, const std::size_t len);
+
+  //! Will pad a string to the right to length l 
+  static std::string PadRight(const std::string& str, const char pad, const std::size_t len);
+
+private:
+  // No instanciation! >:(
+  StringTools();
+};
+
+#endif //STRINGTOOLS_STRINGTOOLS_H

Tubio/main.cpp

@@ -1,7 +1,45 @@
 #include "Framework.h"
 
+#ifndef _WIN
+#include <stdlib.h>
+#include <unistd.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+void Deamonize() {
+  // Fork me, kernel-san :o
+  pid_t fork_res = fork();
+
+  // Error handling...
+  if (fork_res < 0) {
+    std::cerr << "Aww shit! Deamonizing failed! Couldn't get forked..." << std::endl;
+    exit(-1);
+  }
+
+  // Close launcher process...
+  if (fork_res > 0) {
+    std::cout << "Successfully spawned tubio daemon... Exiting launcher gracefully..." << std::endl;
+    exit(0);
+  }
+
+  // And set the daemon process free
+  if (setsid() < 0) {
+    std::cerr << "Aww shit! Deamonizing failed! Couldn't create new session..." << std::endl;
+    exit(-1);
+  }
+
+}
+
+#endif
+
+
 int main()
 {
+  #ifndef _WIN
+//    Deamonize();
+  #endif
+
 	Framework framework;
 	framework.Run();
 

linux_build/build.sh

@@ -1,31 +0,0 @@
-#!/bin/bash
-g++ \
-\
--std=c++17 \
-\
--D __linux__ \
--D JASONPP_RENDER_SORTED \
-\
-../Tubio/main.cpp \
-../Tubio/ConsoleManager.cpp \
-../Tubio/DownloadManager.cpp \
-../Tubio/FileSystem.cpp \
-../Tubio/Framework.cpp \
-../Tubio/HttpServer.cpp \
-../Tubio/Logger.cpp \
-../Tubio/LogHistory.cpp \
-../Tubio/RestQueryHandler.cpp \
-../Tubio/RestResponseTemplates.cpp \
-../Tubio/XGConfig.cpp \
-../Tubio/XGControl.cpp \
-../Tubio/Updater.cpp \
-../Tubio/Idler.cpp \
-\
-\
-../Tubio/external_dependencies/casenta/mongoose/mongoose.c \
-../Tubio/external_dependencies/leonetienne/JasonPP/JasonPP.cpp \
-\
--lpthread \
-\
--Wall \
--o ./tubio.out

tubio-frontend-nuxt-app/yarn.lock

@@ -6297,9 +6297,9 @@ minimist-options@4.1.0:
     kind-of "^6.0.3"
 
 minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5:
-  version "1.2.5"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602"
-  integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==
+  version "1.2.6"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44"
+  integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==
 
 minipass-collect@^1.0.2:
   version "1.0.2"