AutoFix PR

src/Controllers/ImageLookup.js

@@ -3,13 +3,34 @@ const { logger } = require("../Logger");
 
 class ImageLookup {
   get(req, res) {
-    /* File Traversal exploit */
-    /* Can read any file in the server by passing the filename (image) in the query params */
-    /* ex: http GET http://localhost:8089/api/v1/image-lookup image=="package.json" */
-    const fileContent = fs.readFileSync(req.query.image).toString();
-    logger.debug(fileContent);
-    res.send(fileContent);
-  }
-}
+	import fs from 'fs';
+	import path from 'path';
+	import logger from '../logger';
+
+	function get(req, res) {
+	  try {
+	    /* Validate and escape the input to prevent directory traversal */
+	    const sanitizedFileName = sanitizeInput(req.query.image);
+
+	    /* Read the file from the sanitized file name */
+	    const filePath = path.join(__dirname, '..', 'uploads', sanitizedFileName);
+	    const fileContent = fs.readFileSync(filePath).toString();
+
+	    /* Log the file content and send it back to the client */
+	    logger.debug(fileContent);
+	    res.send(fileContent);
+	  } catch (error) {
+	    /* Handle any errors that occur during the file reading process */
+	    logger.error(error);
+	    res.status(500).send('An error occurred while trying to read the file.');
+	  }
+	}
+
+	function sanitizeInput(input) {
+	  /* Replace any characters that could be used for directory traversal */
+	  return input.replace(/[\.\/\\]/g, '');
+	}
+
 
 module.exports = ImageLookup;
+

src/Controllers/Login.js

@@ -11,15 +11,20 @@ class Login {
   }
 
   encryptData(secretText) {
-    const crypto = require('crypto');
+	const crypto = require('crypto');
 
-    // Weak encryption
-    const desCipher = crypto.createCipheriv(
-      'des',
-      "This is a simple password, don't guess it"
-    );
-    return desCipher.write(secretText, 'utf8', 'hex'); // BAD: weak encryption
-  }
+	function encryptData(secretText) {
+	  // Strong encryption using AES-256-CBC
+	  const key = crypto.randomBytes(32);
+	  const iv = crypto.randomBytes(16);
+
+	  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
+
+	  let encrypted = cipher.update(secretText, 'utf8', 'hex');
+	  encrypted += cipher.final('hex');
+
+	  return { iv: iv.toString('hex'), encryptedData: encrypted };
+	}
 
   async handleLogin(req, res, client, data) {
     const { username, password, keeponline } = data;
@@ -97,3 +102,4 @@ class Login {
 }
 
 module.exports = Login;
+

src/Controllers/Order.js

@@ -15,10 +15,15 @@ class Order {
   }
 
   decryptData(encryptedText) {
+	decryptData(encryptedText) {
+    const encryptionKey = process.env.ENCRYPTION_KEY; // Retrieve the key from environment variables
+    if (!encryptionKey) {
+      throw new Error('Encryption key is not set');
+    }
     const desCipher = crypto.createDecipheriv('des', encryptionKey);
     return desCipher.update(encryptedText);
   }
-  addToOrder(req, res) {
+
     const order = req.body;
     console.log(req.body);
     if (req.session.orders) {
@@ -119,3 +124,4 @@ class Order {
 }
 
 module.exports = new Order();
+

src/views.js

@@ -9,24 +9,30 @@ module.exports = app => {
   app.get(`/login`, (req, res) => res.render('Login'));
 
   app.get(`/user-input`, (req, res) => {
+	const sanitizeHtml = require('sanitize-html');
+
+	(req, res) => {
     /*
       User input vulnerability,
       if the user passes vulnerable javascipt code, its executed in user's browser
       ex: alert('hi')
     */
     let result = '';
     try {
-      result = require('util').inspect(eval(req.query.userInput));
+      // Sanitize user input to prevent code injection
+      const sanitizedInput = sanitizeHtml(req.query.userInput);
+      result = require('util').inspect(eval(sanitizedInput));
     } catch (ex) {
       console.error(ex);
     }
     res.render('UserInput', {
-      userInput: req.query.userInput,
+      userInput: sanitizedInput, // Use sanitized input in the view
       result,
       date: new Date().toUTCString()
     });
-  });
+  }
 
   app.get(`/`, secured.get);
   app.post(`/`, secured.post);
 };
+