AtlasMediaGroup/Scissors
1
0
Fork 0
mirror of https://github.com/AtlasMediaGroup/Scissors.git synced 2024-11-27 07:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix ResourceLocation exploits (1.20.1) (#102)

Browse Source 
* Catch null ResourceLocations in CraftNamespacedKey

* Some more ResourceLocation validation
This commit is contained in:
Luna 2023-06-14 05:07:38 -03:00 committed by GitHub
parent 9809c34764
commit 70c16f6ffa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 67 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
patches/server/0049-Implement-command-block-events.patch
View File

@ -18,7 +18,7 @@ index c99fc118013cb3d4043638e2001a8297e79ddf9c..cdaa81e1f2167b29ec01cc25e51a8400
private final boolean trackOutput; private final boolean trackOutput;
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b8c727e9d 100644 index 26bf05922698c734302fa80076e7a1eadbfe1d8d..5422eb931d83f65d40be5fcca49b6d9e57eec735 100644
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java --- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java +++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
@@ -1,6 +1,8 @@ @@ -1,6 +1,8 @@
@ -132,7 +132,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
ServerGamePacketListenerImpl.LOGGER.warn("{} moved too quickly! {},{},{}", new Object[]{this.player.getName().getString(), d6, d7, d8}); ServerGamePacketListenerImpl.LOGGER.warn("{} moved too quickly! {},{},{}", new Object[]{this.player.getName().getString(), d6, d7, d8});
this.teleport(this.player.getX(), this.player.getY(), this.player.getZ(), this.player.getYRot(), this.player.getXRot()); this.teleport(this.player.getX(), this.player.getY(), this.player.getZ(), this.player.getYRot(), this.player.getXRot());
return; return;
@@ -1976,7 +2008,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -1979,7 +2011,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
MutableComponent ichatmutablecomponent = Component.translatable("build.tooHigh", i - 1).withStyle(ChatFormatting.RED); MutableComponent ichatmutablecomponent = Component.translatable("build.tooHigh", i - 1).withStyle(ChatFormatting.RED);
this.player.sendSystemMessage(ichatmutablecomponent, true); this.player.sendSystemMessage(ichatmutablecomponent, true);
@ -141,7 +141,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
this.player.swing(enumhand, true); this.player.swing(enumhand, true);
} }
} }
@@ -2227,32 +2259,32 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2230,32 +2262,32 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
// CraftBukkit end // CraftBukkit end
if (ServerGamePacketListenerImpl.isChatMessageIllegal(packet.message())) { if (ServerGamePacketListenerImpl.isChatMessageIllegal(packet.message())) {
this.server.scheduleOnMain(() -> { // Paper - push to main for event firing this.server.scheduleOnMain(() -> { // Paper - push to main for event firing
@ -190,7 +190,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
// }); // CraftBukkit - async chat // }); // CraftBukkit - async chat
} }
@@ -2263,7 +2295,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2266,7 +2298,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
public void handleChatCommand(ServerboundChatCommandPacket packet) { public void handleChatCommand(ServerboundChatCommandPacket packet) {
if (ServerGamePacketListenerImpl.isChatMessageIllegal(packet.command())) { if (ServerGamePacketListenerImpl.isChatMessageIllegal(packet.command())) {
this.server.scheduleOnMain(() -> { // Paper - push to main for event firing this.server.scheduleOnMain(() -> { // Paper - push to main for event firing
@ -199,7 +199,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
}); // Paper - push to main for event firing }); // Paper - push to main for event firing
} else { } else {
Optional<LastSeenMessages> optional = this.tryHandleChat(packet.command(), packet.timeStamp(), packet.lastSeenMessages()); Optional<LastSeenMessages> optional = this.tryHandleChat(packet.command(), packet.timeStamp(), packet.lastSeenMessages());
@@ -2288,7 +2320,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2291,7 +2323,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
// CraftBukkit start // CraftBukkit start
String command = "/" + packet.command(); String command = "/" + packet.command();
if (org.spigotmc.SpigotConfig.logCommands) { // Paper if (org.spigotmc.SpigotConfig.logCommands) { // Paper
@ -208,7 +208,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
} // Paper } // Paper
PlayerCommandPreprocessEvent event = new PlayerCommandPreprocessEvent(this.getCraftPlayer(), command, new LazyPlayerSet(this.server)); PlayerCommandPreprocessEvent event = new PlayerCommandPreprocessEvent(this.getCraftPlayer(), command, new LazyPlayerSet(this.server));
@@ -2353,7 +2385,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2356,7 +2388,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
if (!this.updateChatOrder(timestamp)) { if (!this.updateChatOrder(timestamp)) {
ServerGamePacketListenerImpl.LOGGER.warn("{} sent out-of-order chat: '{}': {} > {}", this.player.getName().getString(), message, this.lastChatTimeStamp.get().getEpochSecond(), timestamp.getEpochSecond()); // Paper ServerGamePacketListenerImpl.LOGGER.warn("{} sent out-of-order chat: '{}': {} > {}", this.player.getName().getString(), message, this.lastChatTimeStamp.get().getEpochSecond(), timestamp.getEpochSecond()); // Paper
this.server.scheduleOnMain(() -> { // Paper - push to main this.server.scheduleOnMain(() -> { // Paper - push to main
@ -217,7 +217,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
}); // Paper - push to main }); // Paper - push to main
return Optional.empty(); return Optional.empty();
} else { } else {
@@ -2424,7 +2456,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2427,7 +2459,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
this.handleCommand(s); this.handleCommand(s);
} else if (this.player.getChatVisibility() == ChatVisiblity.SYSTEM) { } else if (this.player.getChatVisibility() == ChatVisiblity.SYSTEM) {
// Do nothing, this is coming from a plugin // Do nothing, this is coming from a plugin
@ -226,7 +226,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
} else if (true) { } else if (true) {
final ChatProcessor cp = new ChatProcessor(this.server, this.player, original, async); final ChatProcessor cp = new ChatProcessor(this.server, this.player, original, async);
cp.process(); cp.process();
@@ -2535,7 +2567,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2538,7 +2570,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
// Paper End // Paper End
co.aikar.timings.MinecraftTimings.playerCommandTimer.startTiming(); // Paper co.aikar.timings.MinecraftTimings.playerCommandTimer.startTiming(); // Paper
if ( org.spigotmc.SpigotConfig.logCommands ) // Spigot if ( org.spigotmc.SpigotConfig.logCommands ) // Spigot
@ -235,7 +235,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
CraftPlayer player = this.getCraftPlayer(); CraftPlayer player = this.getCraftPlayer();
@@ -2614,16 +2646,16 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2617,16 +2649,16 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
@Override @Override
public void handleChatAck(ServerboundChatAckPacket packet) { public void handleChatAck(ServerboundChatAckPacket packet) {
LastSeenMessagesValidator lastseenmessagesvalidator = this.lastSeenMessages; LastSeenMessagesValidator lastseenmessagesvalidator = this.lastSeenMessages;
@ -262,7 +262,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
} }
} }
@@ -2862,7 +2894,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -2865,7 +2897,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
} }
if (event.isCancelled()) { if (event.isCancelled()) {
@ -271,7 +271,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
return; return;
} }
// CraftBukkit end // CraftBukkit end
@@ -3436,19 +3468,19 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -3439,19 +3471,19 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
itemstack = CraftItemStack.asNMSCopy(event.getCursor()); itemstack = CraftItemStack.asNMSCopy(event.getCursor());
switch (event.getResult()) { switch (event.getResult()) {
@ -304,7 +304,7 @@ index 757f20c0d546ab2ca9f32ca2c3733f36290d3a3d..127ed778733eb29f90416ae9c9f2ae0b
} }
} }
// CraftBukkit end // CraftBukkit end
@@ -3516,7 +3548,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic @@ -3519,7 +3551,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
} else if (!this.isSingleplayerOwner()) { } else if (!this.isSingleplayerOwner()) {
// Paper start - This needs to be handled on the main thread for plugins // Paper start - This needs to be handled on the main thread for plugins
server.submit(() -> { server.submit(() -> {

18
patches/server/0052-Catch-null-ResourceLocations-in-CraftNamespacedKey.patch Normal file
View File

@ -0,0 +1,18 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Luna <lunahatesgogle@gmail.com>
Date: Tue, 13 Jun 2023 18:29:18 -0300
Subject: [PATCH] Catch null ResourceLocations in CraftNamespacedKey
diff --git a/src/main/java/org/bukkit/craftbukkit/util/CraftNamespacedKey.java b/src/main/java/org/bukkit/craftbukkit/util/CraftNamespacedKey.java
index 5014192edb9616ce725fc1592832034789527b6f..64da1b0afd51720803aba0d9e86d0b1743bdb0da 100644
--- a/src/main/java/org/bukkit/craftbukkit/util/CraftNamespacedKey.java
+++ b/src/main/java/org/bukkit/craftbukkit/util/CraftNamespacedKey.java
@@ -21,6 +21,7 @@ public final class CraftNamespacedKey {
}
public static NamespacedKey fromMinecraft(ResourceLocation minecraft) {
+ if (minecraft == null) throw new IllegalArgumentException("Null ResourceLocation provided"); // Scissors
return new NamespacedKey(minecraft.getNamespace(), minecraft.getPath());
}

37
patches/server/0053-Some-more-ResourceLocation-validation.patch Normal file
View File

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Luna <lunahatesgogle@gmail.com>
Date: Tue, 13 Jun 2023 18:37:56 -0300
Subject: [PATCH] Some more ResourceLocation validation
diff --git a/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java b/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java
index 430810b9cc554dfb3bb0972c103c8a36e8db67ef..b2832c75beab2a1fa077b0317392b6aa46134ce6 100644
--- a/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java
+++ b/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java
@@ -300,7 +300,12 @@ public abstract class AbstractFurnaceBlockEntity extends BaseContainerBlockEntit
while (iterator.hasNext()) {
String s = (String) iterator.next();
- this.recipesUsed.put(new ResourceLocation(s), nbttagcompound1.getInt(s));
+ // Scissors start
+ final ResourceLocation rl = ResourceLocation.tryParse(s);
+ if (rl != null) {
+ this.recipesUsed.put(rl, nbttagcompound1.getInt(s));
+ }
+ // Scissors end
}
// Paper start - cook speed API
diff --git a/src/main/java/net/minecraft/world/level/block/entity/BrushableBlockEntity.java b/src/main/java/net/minecraft/world/level/block/entity/BrushableBlockEntity.java
index 14ddb953176b02e7ac68401c5c03120f920739a1..c04d24930f03d91f341fb45bed3b8356890dce83 100644
--- a/src/main/java/net/minecraft/world/level/block/entity/BrushableBlockEntity.java
+++ b/src/main/java/net/minecraft/world/level/block/entity/BrushableBlockEntity.java
@@ -199,7 +199,7 @@ public class BrushableBlockEntity extends BlockEntity {
private boolean tryLoadLootTable(CompoundTag nbt) {
if (nbt.contains("LootTable", 8)) {
- this.lootTable = new ResourceLocation(nbt.getString("LootTable"));
+ this.lootTable = ResourceLocation.tryParse(nbt.getString("LootTable")); // Scissors
this.lootTableSeed = nbt.getLong("LootTableSeed");
return true;
} else {