Upstream/BungeeCord
1
0
Fork 0
mirror of https://github.com/SpigotMC/BungeeCord.git synced 2024-06-27 07:04:44 +02:00
Code Issues Projects Releases Wiki Activity

#3377: Add additional checks for protocol length limits

Browse Source
This commit is contained in:
Outfluencer 2022-08-16 11:26:33 +02:00 committed by GitHub
parent 696315615d
commit 5cdba87b87
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
protocol/src/main/java/net/md_5/bungee/protocol/DefinedPacket.java
View File

@ -21,12 +21,22 @@ public abstract class DefinedPacket
public static void writeString(String s, ByteBuf buf)
{
if ( s.length() > Short.MAX_VALUE )
writeString( s, buf, Short.MAX_VALUE );
}
public static void writeString(String s, ByteBuf buf, int maxLength)
{
if ( s.length() > maxLength )
{
throw new OverflowPacketException( "Cannot send string longer than Short.MAX_VALUE (got " + s.length() + " characters)" );
throw new OverflowPacketException( "Cannot send string longer than " + maxLength + " (got " + s.length() + " characters)" );
}
byte[] b = s.getBytes( Charsets.UTF_8 );
if ( b.length > maxLength * 3 )
{
throw new OverflowPacketException( "Cannot send string longer than " + ( maxLength * 3 ) + " (got " + b.length + " bytes)" );
}
writeVarInt( b.length, buf );
buf.writeBytes( b );
}
@ -39,15 +49,14 @@ public abstract class DefinedPacket
public static String readString(ByteBuf buf, int maxLen)
{
int len = readVarInt( buf );
if ( len > maxLen * 4 )
if ( len > maxLen * 3 )
{
throw new OverflowPacketException( "Cannot receive string longer than " + maxLen * 4 + " (got " + len + " bytes)" );
throw new OverflowPacketException( "Cannot receive string longer than " + maxLen * 3 + " (got " + len + " bytes)" );
}
byte[] b = new byte[ len ];
buf.readBytes( b );
String s = buf.toString( buf.readerIndex(), len, Charsets.UTF_8 );
buf.readerIndex( buf.readerIndex() + len );
String s = new String( b, Charsets.UTF_8 );
if ( s.length() > maxLen )
{
throw new OverflowPacketException( "Cannot receive string longer than " + maxLen + " (got " + s.length() + " characters)" );
@ -275,7 +284,7 @@ public abstract class DefinedPacket
{
if ( buf.readBoolean() )
{
return new PlayerPublicKey( buf.readLong(), readArray( buf ), readArray( buf ) );
return new PlayerPublicKey( buf.readLong(), readArray( buf, 512 ), readArray( buf, 4096 ) );
}
return null;

2
protocol/src/main/java/net/md_5/bungee/protocol/packet/Chat.java
View File

@ -54,7 +54,7 @@ public class Chat extends DefinedPacket
@Override
public void write(ByteBuf buf, ProtocolConstants.Direction direction, int protocolVersion)
{
writeString( message, buf );
writeString( message, buf, ( direction == ProtocolConstants.Direction.TO_CLIENT ) ? 262144 : ( protocolVersion >= ProtocolConstants.MINECRAFT_1_11 ? 256 : 100 ) );
if ( direction == ProtocolConstants.Direction.TO_CLIENT )
{
buf.writeByte( position );

2
protocol/src/main/java/net/md_5/bungee/protocol/packet/ServerData.java
View File

@ -47,7 +47,7 @@ public class ServerData extends DefinedPacket
if ( motd != null )
{
buf.writeBoolean( true );
writeString( motd, buf );
writeString( motd, buf, 262144 );
} else
{
buf.writeBoolean( false );

2
protocol/src/main/java/net/md_5/bungee/protocol/packet/SystemChat.java
View File

@ -30,7 +30,7 @@ public class SystemChat extends DefinedPacket
@Override
public void write(ByteBuf buf, ProtocolConstants.Direction direction, int protocolVersion)
{
writeString( message, buf );
writeString( message, buf, 262144 );
if ( protocolVersion >= ProtocolConstants.MINECRAFT_1_19_1 )
{
buf.writeBoolean( position == ChatMessageType.ACTION_BAR.ordinal() );