From 3deaaafb8804d0c6634ab22d970f58ab8c529778 Mon Sep 17 00:00:00 2001 From: Video Date: Wed, 8 Mar 2023 19:52:30 -0700 Subject: [PATCH] Patches critical exploit --- .../blocking/command/CommandBlocker.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/main/java/me/totalfreedom/totalfreedommod/blocking/command/CommandBlocker.java b/src/main/java/me/totalfreedom/totalfreedommod/blocking/command/CommandBlocker.java index 2074f3e5..850b0159 100644 --- a/src/main/java/me/totalfreedom/totalfreedommod/blocking/command/CommandBlocker.java +++ b/src/main/java/me/totalfreedom/totalfreedommod/blocking/command/CommandBlocker.java @@ -24,7 +24,7 @@ import org.bukkit.plugin.SimplePluginManager; public class CommandBlocker extends FreedomService { - + private final Pattern whitespacePattern = Pattern.compile("^/?( +)(.*)?"); private final Pattern flagPattern = Pattern.compile("(:([0-9]){5,})"); // private final Map entryList = Maps.newHashMap(); @@ -156,6 +156,14 @@ public class CommandBlocker extends FreedomService // Format command = command.toLowerCase().trim(); + + // Whitespaces + Matcher whitespaceMatcher = whitespacePattern.matcher(command); + if (whitespaceMatcher.matches() && whitespaceMatcher.groupCount() == 2) + { + command = whitespaceMatcher.group(2); + } + command = command.startsWith("/") ? command.substring(1) : command; // Check for plugin specific commands