Compare commits

...

7 Commits

Author SHA1 Message Date
f77c071fa0 Bump JDA from 4.4.0_352 to 4.4.1_353
Bumps JDA from 4.4.0_352 to 4.4.1_353.

---
updated-dependencies:
- dependency-name: net.dv8tion:JDA
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-01 02:30:25 +00:00
1c096b97e3 Merge pull request #314 from AtlasMediaGroup/merge-main-to-dev
Merge main to dev
2023-03-31 21:29:35 -05:00
cc48f93556 Merge branch 'main' into development 2023-03-31 21:15:34 -05:00
dd373fc9aa Merge pull request #307 from AtlasMediaGroup/RELEASE-2022.06.1
Release 2022.06.1
2023-03-31 18:25:42 -05:00
41331e719d Updates version to 2022.06.1 2023-03-08 19:58:14 -07:00
72c83ba84a Merge pull request #306 from AtlasMediaGroup/critical-exploit-fix
Patches critical exploit in the command blocker
2023-03-08 19:53:51 -07:00
3deaaafb88 Patches critical exploit 2023-03-08 19:52:30 -07:00
2 changed files with 11 additions and 3 deletions

View File

@ -5,7 +5,7 @@
<groupId>me.totalfreedom</groupId>
<artifactId>TotalFreedomMod</artifactId>
<version>2022.06</version>
<version>2022.06.1</version>
<packaging>jar</packaging>
<properties>
@ -157,7 +157,7 @@
<dependency>
<groupId>net.dv8tion</groupId>
<artifactId>JDA</artifactId>
<version>4.4.0_352</version>
<version>4.4.1_353</version>
<scope>provided</scope>
</dependency>

View File

@ -24,7 +24,7 @@ import org.bukkit.plugin.SimplePluginManager;
public class CommandBlocker extends FreedomService
{
private final Pattern whitespacePattern = Pattern.compile("^/?( +)(.*)?");
private final Pattern flagPattern = Pattern.compile("(:([0-9]){5,})");
//
private final Map<String, CommandBlockerEntry> entryList = Maps.newHashMap();
@ -156,6 +156,14 @@ public class CommandBlocker extends FreedomService
// Format
command = command.toLowerCase().trim();
// Whitespaces
Matcher whitespaceMatcher = whitespacePattern.matcher(command);
if (whitespaceMatcher.matches() && whitespaceMatcher.groupCount() == 2)
{
command = whitespaceMatcher.group(2);
}
command = command.startsWith("/") ? command.substring(1) : command;
// Check for plugin specific commands