From c842470bf3a018b57517b13bae4bd55ffcec41ed Mon Sep 17 00:00:00 2001
From: bropat <patrick.broetto@gmail.com>
Date: Thu, 7 Mar 2024 17:12:15 +0000
Subject: [PATCH] Fixed livestreaming issue introduced by CVE-2023-46809 in
 Node.js

---
 eufy-security-ws/CHANGELOG.md |  4 ++++
 eufy-security-ws/run.sh       | 30 +++++++++++++++++++++++++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/eufy-security-ws/CHANGELOG.md b/eufy-security-ws/CHANGELOG.md
index f20875e..84e9609 100755
--- a/eufy-security-ws/CHANGELOG.md
+++ b/eufy-security-ws/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.8.0-1
+
+- Fixed livestreaming issue introduced by CVE-2023-46809 in Node.js ([#310](https://github.com/bropat/eufy-security-ws/issues/310))
+
 ## 1.8.0
 
 - Updated eufy-security-ws to version [`1.8.0`](https://github.com/bropat/eufy-security-ws/releases/tag/1.8.0)
diff --git a/eufy-security-ws/run.sh b/eufy-security-ws/run.sh
index a9a60d1..5e0b1f8 100755
--- a/eufy-security-ws/run.sh
+++ b/eufy-security-ws/run.sh
@@ -93,9 +93,37 @@ JSON_STRING="$( jq -n \
     }"
   )"
 
+check_version() {
+    if [ "$1" = "$2" ]; then
+        return 1 # equal
+    fi
+    version=$(printf '%s\n' "$1" "$2" | sort -V | tail -n 1)
+    if [ "$version" = "$2" ]; then
+        return 2 # greater
+    fi
+    return 0 # lower
+}
+
+node_version=$(node -v)
+node_result=0
+if [ "${node_version:1:2}" = "18" ]; then
+    check_version "v18.19.1" "$node_version"
+    node_result=$?
+elif [ "${node_version:1:2}" = "20" ]; then
+    check_version "v20.11.1" "$node_version"
+    node_result=$?
+else
+    check_version "v21.6.2" "$node_version"
+    node_result=$?
+fi
+WORKAROUND_ISSUE_310=""
+if [ $node_result -gt 0 ]; then
+    WORKAROUND_ISSUE_310="--security-revert=CVE-2023-46809"
+fi
+
 if bashio::config.has_value 'username' && bashio::config.has_value 'password'; then
     echo "$JSON_STRING" > $CONFIG_PATH
-    exec /usr/bin/node $IPV4_FIRST_NODE_OPTION /usr/src/app/node_modules/eufy-security-ws/dist/bin/server.js --host 0.0.0.0 --config $CONFIG_PATH $DEBUG_OPTION $PORT_OPTION
+    exec /usr/bin/node $WORKAROUND_ISSUE_310 $IPV4_FIRST_NODE_OPTION /usr/src/app/node_modules/eufy-security-ws/dist/bin/server.js --host 0.0.0.0 --config $CONFIG_PATH $DEBUG_OPTION $PORT_OPTION
 else
     echo "Required parameters username and/or password not set. Starting aborted!"
 fi