Compare commits

...

7 Commits

Author SHA1 Message Date
5fee35e2b7 Bump annotations from 23.0.0 to 24.0.1
Bumps [annotations](https://github.com/JetBrains/java-annotations) from 23.0.0 to 24.0.1.
- [Release notes](https://github.com/JetBrains/java-annotations/releases)
- [Changelog](https://github.com/JetBrains/java-annotations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/JetBrains/java-annotations/commits)

---
updated-dependencies:
- dependency-name: org.jetbrains:annotations
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-01 02:30:18 +00:00
1c096b97e3 Merge pull request #314 from AtlasMediaGroup/merge-main-to-dev
Merge main to dev
2023-03-31 21:29:35 -05:00
cc48f93556 Merge branch 'main' into development 2023-03-31 21:15:34 -05:00
dd373fc9aa Merge pull request #307 from AtlasMediaGroup/RELEASE-2022.06.1
Release 2022.06.1
2023-03-31 18:25:42 -05:00
41331e719d Updates version to 2022.06.1 2023-03-08 19:58:14 -07:00
72c83ba84a Merge pull request #306 from AtlasMediaGroup/critical-exploit-fix
Patches critical exploit in the command blocker
2023-03-08 19:53:51 -07:00
3deaaafb88 Patches critical exploit 2023-03-08 19:52:30 -07:00
2 changed files with 11 additions and 3 deletions

View File

@ -5,7 +5,7 @@
<groupId>me.totalfreedom</groupId>
<artifactId>TotalFreedomMod</artifactId>
<version>2022.06</version>
<version>2022.06.1</version>
<packaging>jar</packaging>
<properties>
@ -213,7 +213,7 @@
<dependency>
<groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId>
<version>23.0.0</version>
<version>24.0.1</version>
<scope>compile</scope>
</dependency>

View File

@ -24,7 +24,7 @@ import org.bukkit.plugin.SimplePluginManager;
public class CommandBlocker extends FreedomService
{
private final Pattern whitespacePattern = Pattern.compile("^/?( +)(.*)?");
private final Pattern flagPattern = Pattern.compile("(:([0-9]){5,})");
//
private final Map<String, CommandBlockerEntry> entryList = Maps.newHashMap();
@ -156,6 +156,14 @@ public class CommandBlocker extends FreedomService
// Format
command = command.toLowerCase().trim();
// Whitespaces
Matcher whitespaceMatcher = whitespacePattern.matcher(command);
if (whitespaceMatcher.matches() && whitespaceMatcher.groupCount() == 2)
{
command = whitespaceMatcher.group(2);
}
command = command.startsWith("/") ? command.substring(1) : command;
// Check for plugin specific commands