From 2b3bffd7db45d8ccf85f26e9c65ec128f02e22eb Mon Sep 17 00:00:00 2001
From: Hepatica <danil.tkachenko@getmore.cz>
Date: Fri, 30 Aug 2024 01:57:41 +0200
Subject: [PATCH] gfdgfdgfdfg

---
 SpCloudMain/SpCloudMain.cpp | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/SpCloudMain/SpCloudMain.cpp b/SpCloudMain/SpCloudMain.cpp
index 4f563a4..d1812b7 100644
--- a/SpCloudMain/SpCloudMain.cpp
+++ b/SpCloudMain/SpCloudMain.cpp
@@ -23,6 +23,12 @@ int main()
 
 	svr.Get("/ping", [&](const httplib::Request& req, httplib::Response& res)
 		{
+			std::regex bash_injection_pattern(R"([;&|<>`$\\])");
+
+			if (std::regex_search(req.body, bash_injection_pattern)) {
+				return;
+			}
+
 			std::cout << "Ping-\n";
 
 			logger.log(INFO, "App was pinged.");
@@ -46,6 +52,12 @@ int main()
 
 	svr.Post("/publish", [&](const httplib::Request& req, httplib::Response& res)
 		{
+			std::regex bash_injection_pattern(R"([;&|<>`$\\])");
+
+			if (std::regex_search(req.body, bash_injection_pattern)) {
+				return;
+			}
+
 			logger.log(INFO, "Start publish from main");
 
 			std::string user_id = req.get_file_value("UserId").content;
@@ -96,6 +108,12 @@ int main()
 
 	svr.Put("/update", [&](const httplib::Request& req, httplib::Response& res)
 		{
+			std::regex bash_injection_pattern(R"([;&|<>`$\\])");
+
+			if (std::regex_search(req.body, bash_injection_pattern)) {
+				return;
+			}
+
 			logger.log(INFO, "Start updating app");
 
 			std::string user_id = req.get_file_value("UserId").content;
@@ -140,6 +158,12 @@ int main()
 
 	svr.Delete("/delete", [&](const httplib::Request& req, httplib::Response& res)
 		{
+			std::regex bash_injection_pattern(R"([;&|<>`$\\])");
+
+			if (std::regex_search(req.body, bash_injection_pattern)) {
+				return;
+			}
+
 			logger.log(INFO, "Start updating app");
 
 			std::string user_id = req.get_file_value("UserId").content;
@@ -188,6 +212,13 @@ int main()
 
 	svr.Get("/apps", [&](const httplib::Request& req, httplib::Response& res)
 		{
+
+			std::regex bash_injection_pattern(R"([;&|<>`$\\])");
+
+			if (std::regex_search(req.body, bash_injection_pattern)) {
+				return;
+			}
+
 			std::string authorization_token = req.get_header_value("Authorization");
 
 			string is_user_banned = mongo_service.is_user_banned(authorization_token);