From b30b7223e536f3ab1273ce6b2a8994c745a8d8c4 Mon Sep 17 00:00:00 2001 From: Allink <44676012+allinkdev@users.noreply.github.com> Date: Sun, 10 Jul 2022 03:21:28 +0100 Subject: [PATCH] Patch 'sploits (1.18.2) (#34) * Prevent invalid container events * Do not attempt to cast items to recipes --- ...035-Prevent-invalid-container-events.patch | 37 +++++++++++++++++++ ...not-attempt-to-cast-items-to-recipes.patch | 24 ++++++++++++ 2 files changed, 61 insertions(+) create mode 100644 patches/server/0035-Prevent-invalid-container-events.patch create mode 100644 patches/server/0036-Do-not-attempt-to-cast-items-to-recipes.patch diff --git a/patches/server/0035-Prevent-invalid-container-events.patch b/patches/server/0035-Prevent-invalid-container-events.patch new file mode 100644 index 0000000..12c0e93 --- /dev/null +++ b/patches/server/0035-Prevent-invalid-container-events.patch @@ -0,0 +1,37 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Allink +Date: Sun, 10 Jul 2022 02:44:05 +0100 +Subject: [PATCH] Prevent invalid container events + + +diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java +index b0bd0412010320cc624535d6abffe417a135a4dc..e8157a809ed2b018dfd155e8bc712a8c73aa79e6 100644 +--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java ++++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java +@@ -24,6 +24,8 @@ import java.util.function.UnaryOperator; + import java.util.stream.Collectors; + import java.util.stream.Stream; + import javax.annotation.Nullable; ++ ++import net.kyori.adventure.text.format.NamedTextColor; + import net.minecraft.ChatFormatting; + import net.minecraft.CrashReport; + import net.minecraft.CrashReportCategory; +@@ -2836,6 +2838,17 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Ser + } + + if (packet.getClickType() != net.minecraft.world.inventory.ClickType.QUICK_CRAFT) { ++ // Scissors start - Do not call events when the slot/button number is invalid ++ if(packet.getSlotNum() > 45) ++ { ++ this.getCraftPlayer().kick( ++ net.kyori.adventure.text.Component.text("Invalid container click slot (Hacking?)") ++ .color(NamedTextColor.RED) ++ ); ++ return; ++ } ++ // Scissors end ++ + if (click == ClickType.NUMBER_KEY) { + event = new InventoryClickEvent(inventory, type, packet.getSlotNum(), click, action, packet.getButtonNum()); + } else { diff --git a/patches/server/0036-Do-not-attempt-to-cast-items-to-recipes.patch b/patches/server/0036-Do-not-attempt-to-cast-items-to-recipes.patch new file mode 100644 index 0000000..664f7d7 --- /dev/null +++ b/patches/server/0036-Do-not-attempt-to-cast-items-to-recipes.patch @@ -0,0 +1,24 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Allink +Date: Sun, 10 Jul 2022 02:45:15 +0100 +Subject: [PATCH] Do not attempt to cast items to recipes + + +diff --git a/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java b/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java +index 0f19ef250a2f82e49730cb58ea43ee6bf407455a..764b56c2d5cdf5a57fced106d196ef866f70e885 100644 +--- a/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java ++++ b/src/main/java/net/minecraft/world/level/block/entity/AbstractFurnaceBlockEntity.java +@@ -634,6 +634,13 @@ public abstract class AbstractFurnaceBlockEntity extends BaseContainerBlockEntit + Entry entry = (Entry) objectiterator.next(); + + worldserver.getRecipeManager().byKey((ResourceLocation) entry.getKey()).ifPresent((irecipe) -> { ++ // Scissors start - Do not attempt to cast items to recipes ++ if (!(irecipe instanceof AbstractCookingRecipe)) ++ { ++ return; ++ } ++ // Scissors end ++ + list.add(irecipe); + AbstractFurnaceBlockEntity.createExperience(worldserver, vec3d, entry.getIntValue(), ((AbstractCookingRecipe) irecipe).getExperience(), blockposition, entityplayer, itemstack, amount); // CraftBukkit + });