2020-07-01 13:55:41 +10:00
|
|
|
From 0c9afcd065d73db1288f2576748fc895c7d18d0d Mon Sep 17 00:00:00 2001
|
2014-07-02 23:46:50 +01:00
|
|
|
From: Thinkofdeath <thinkofdeath@spigotmc.org>
|
|
|
|
|
Date: Wed, 2 Jul 2014 23:35:51 +0100
|
|
|
|
|
Subject: [PATCH] Better item validation
|
|
|
|
|
|
|
|
|
|
|
2014-07-19 19:10:12 +01:00
|
|
|
diff --git a/src/main/java/net/minecraft/server/PacketDataSerializer.java b/src/main/java/net/minecraft/server/PacketDataSerializer.java
|
2020-06-25 10:00:00 +10:00
|
|
|
index a2fe489bd..f574a28b6 100644
|
2014-07-19 19:10:12 +01:00
|
|
|
--- a/src/main/java/net/minecraft/server/PacketDataSerializer.java
|
|
|
|
|
+++ b/src/main/java/net/minecraft/server/PacketDataSerializer.java
|
2020-06-25 10:00:00 +10:00
|
|
|
@@ -271,6 +271,10 @@ public class PacketDataSerializer extends ByteBuf {
|
2014-07-19 19:10:12 +01:00
|
|
|
NBTTagCompound nbttagcompound = null;
|
|
|
|
|
|
2020-06-25 10:00:00 +10:00
|
|
|
if (item.usesDurability() || item.n()) {
|
2014-07-19 19:10:12 +01:00
|
|
|
+ // Spigot start - filter
|
|
|
|
|
+ itemstack = itemstack.cloneItemStack();
|
|
|
|
|
+ CraftItemStack.setItemMeta(itemstack, CraftItemStack.getItemMeta(itemstack));
|
|
|
|
|
+ // Spigot end
|
2014-11-26 08:27:08 +11:00
|
|
|
nbttagcompound = itemstack.getTag();
|
2014-07-19 19:10:12 +01:00
|
|
|
}
|
|
|
|
|
|
2014-07-02 23:46:50 +01:00
|
|
|
diff --git a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java
|
2020-06-06 19:28:03 +10:00
|
|
|
index b8f1c64f4..456ee64ed 100644
|
2014-07-02 23:46:50 +01:00
|
|
|
--- a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java
|
|
|
|
|
+++ b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java
|
2020-04-14 12:42:02 +10:00
|
|
|
@@ -18,6 +18,10 @@ import org.bukkit.craftbukkit.util.CraftChatMessage;
|
2019-04-23 15:12:43 +10:00
|
|
|
import org.bukkit.craftbukkit.util.CraftMagicNumbers;
|
|
|
|
|
import org.bukkit.inventory.meta.BookMeta;
|
2014-07-02 23:46:50 +01:00
|
|
|
|
|
|
|
|
+// Spigot start
|
|
|
|
|
+import static org.spigotmc.ValidateUtils.*;
|
|
|
|
|
+// Spigot end
|
|
|
|
|
+
|
|
|
|
|
@DelegateDeserialization(SerializableMeta.class)
|
2015-04-16 11:19:45 +01:00
|
|
|
public class CraftMetaBook extends CraftMetaItem implements BookMeta {
|
2014-07-02 23:46:50 +01:00
|
|
|
static final ItemMetaKey BOOK_TITLE = new ItemMetaKey("title");
|
2020-04-14 12:42:02 +10:00
|
|
|
@@ -54,11 +58,11 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta {
|
2014-07-02 23:46:50 +01:00
|
|
|
super(tag);
|
|
|
|
|
|
|
|
|
|
if (tag.hasKey(BOOK_TITLE.NBT)) {
|
|
|
|
|
- this.title = tag.getString(BOOK_TITLE.NBT);
|
|
|
|
|
+ this.title = limit( tag.getString(BOOK_TITLE.NBT), 1024 ); // Spigot
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tag.hasKey(BOOK_AUTHOR.NBT)) {
|
|
|
|
|
- this.author = tag.getString(BOOK_AUTHOR.NBT);
|
|
|
|
|
+ this.author = limit( tag.getString(BOOK_AUTHOR.NBT), 1024 ); // Spigot
|
|
|
|
|
}
|
2014-12-11 20:46:00 +00:00
|
|
|
|
|
|
|
|
boolean resolved = false;
|
2020-04-14 12:42:02 +10:00
|
|
|
@@ -83,7 +87,7 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta {
|
2014-12-12 09:47:02 +00:00
|
|
|
// Ignore and treat as an old book
|
|
|
|
|
}
|
2014-11-26 08:27:08 +11:00
|
|
|
}
|
2014-12-26 22:02:31 +00:00
|
|
|
- addPage(page);
|
|
|
|
|
+ addPage( limit( page, 2048 ) ); // Spigot
|
2014-07-02 23:46:50 +01:00
|
|
|
}
|
2014-12-26 22:02:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
2014-07-02 23:46:50 +01:00
|
|
|
diff --git a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaItem.java b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaItem.java
|
2020-07-01 13:55:41 +10:00
|
|
|
index 340ad1809..9feec0d85 100644
|
2014-07-02 23:46:50 +01:00
|
|
|
--- a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaItem.java
|
|
|
|
|
+++ b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaItem.java
|
2020-06-25 10:00:00 +10:00
|
|
|
@@ -78,6 +78,10 @@ import org.bukkit.inventory.meta.Repairable;
|
2019-04-23 15:12:43 +10:00
|
|
|
import org.bukkit.inventory.meta.tags.CustomItemTagContainer;
|
2019-04-25 14:39:43 +10:00
|
|
|
import org.bukkit.persistence.PersistentDataContainer;
|
2014-07-02 23:46:50 +01:00
|
|
|
|
|
|
|
|
+// Spigot start
|
|
|
|
|
+import static org.spigotmc.ValidateUtils.*;
|
|
|
|
|
+// Spigot end
|
|
|
|
|
+
|
|
|
|
|
/**
|
|
|
|
|
* Children must include the following:
|
|
|
|
|
*
|
2020-07-01 13:55:41 +10:00
|
|
|
@@ -327,7 +331,7 @@ class CraftMetaItem implements ItemMeta, Damageable, Repairable, BlockDataMeta {
|
2014-07-02 23:46:50 +01:00
|
|
|
|
|
|
|
|
if (display.hasKey(NAME.NBT)) {
|
2018-07-21 10:19:54 +10:00
|
|
|
try {
|
|
|
|
|
- displayName = IChatBaseComponent.ChatSerializer.a(display.getString(NAME.NBT));
|
|
|
|
|
+ displayName = IChatBaseComponent.ChatSerializer.a( limit( display.getString(NAME.NBT), 1024 ) ); // Spigot
|
|
|
|
|
} catch (JsonParseException ex) {
|
|
|
|
|
// Ignore (stripped like Vanilla)
|
|
|
|
|
}
|
2020-07-01 13:55:41 +10:00
|
|
|
@@ -335,7 +339,7 @@ class CraftMetaItem implements ItemMeta, Damageable, Repairable, BlockDataMeta {
|
2014-07-02 23:46:50 +01:00
|
|
|
|
2017-02-16 11:55:41 +11:00
|
|
|
if (display.hasKey(LOCNAME.NBT)) {
|
2018-07-21 10:19:54 +10:00
|
|
|
try {
|
|
|
|
|
- locName = IChatBaseComponent.ChatSerializer.a(display.getString(LOCNAME.NBT));
|
|
|
|
|
+ locName = IChatBaseComponent.ChatSerializer.a( limit( display.getString(LOCNAME.NBT), 1024 ) ); // Spigot
|
|
|
|
|
} catch (JsonParseException ex) {
|
|
|
|
|
// Ignore (stripped like Vanilla)
|
|
|
|
|
}
|
2020-07-01 13:55:41 +10:00
|
|
|
@@ -346,7 +350,7 @@ class CraftMetaItem implements ItemMeta, Damageable, Repairable, BlockDataMeta {
|
2019-04-24 10:12:26 +10:00
|
|
|
lore = new ArrayList<IChatBaseComponent>(list.size());
|
2014-07-02 23:46:50 +01:00
|
|
|
|
|
|
|
|
for (int index = 0; index < list.size(); index++) {
|
2014-07-09 10:23:19 +10:00
|
|
|
- String line = list.getString(index);
|
2019-04-24 10:12:26 +10:00
|
|
|
+ String line = limit( list.getString(index), 8192 ); // Spigot
|
|
|
|
|
try {
|
|
|
|
|
lore.add(IChatBaseComponent.ChatSerializer.a(line));
|
|
|
|
|
} catch (JsonParseException ex) {
|
2014-07-02 23:46:50 +01:00
|
|
|
diff --git a/src/main/java/org/spigotmc/ValidateUtils.java b/src/main/java/org/spigotmc/ValidateUtils.java
|
|
|
|
|
new file mode 100644
|
2020-01-22 08:00:00 +11:00
|
|
|
index 000000000..58a953481
|
2014-07-02 23:46:50 +01:00
|
|
|
--- /dev/null
|
|
|
|
|
+++ b/src/main/java/org/spigotmc/ValidateUtils.java
|
|
|
|
|
@@ -0,0 +1,14 @@
|
|
|
|
|
+package org.spigotmc;
|
|
|
|
|
+
|
|
|
|
|
+public class ValidateUtils
|
|
|
|
|
+{
|
|
|
|
|
+
|
|
|
|
|
+ public static String limit(String str, int limit)
|
|
|
|
|
+ {
|
|
|
|
|
+ if ( str.length() > limit )
|
|
|
|
|
+ {
|
|
|
|
|
+ return str.substring( 0, limit );
|
|
|
|
|
+ }
|
|
|
|
|
+ return str;
|
|
|
|
|
+ }
|
|
|
|
|
+}
|
|
|
|
|
--
|
2020-05-09 18:48:11 +10:00
|
|
|
2.25.1
|
2014-07-02 23:46:50 +01:00
|
|
|
|
