From 4acd0f49e07e0912096e79494472535baf0db2ab Mon Sep 17 00:00:00 2001 From: md_5 Date: Thu, 20 Apr 2017 21:45:42 +1000 Subject: [PATCH] Enforce proper limits on books. --- .../craftbukkit/inventory/CraftMetaBook.java | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java index 2ed6ad72dc..520e7f0f10 100644 --- a/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java +++ b/src/main/java/org/bukkit/craftbukkit/inventory/CraftMetaBook.java @@ -29,8 +29,9 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta { static final ItemMetaKey BOOK_PAGES = new ItemMetaKey("pages"); static final ItemMetaKey RESOLVED = new ItemMetaKey("resolved"); static final ItemMetaKey GENERATION = new ItemMetaKey("generation"); - static final int MAX_PAGE_LENGTH = Short.MAX_VALUE; // TODO: Check me - static final int MAX_TITLE_LENGTH = 0xffff; + static final int MAX_PAGES = 50; + static final int MAX_PAGE_LENGTH = 256; + static final int MAX_TITLE_LENGTH = 16; protected String title; protected String author; @@ -68,7 +69,7 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta { if (tag.hasKey(RESOLVED.NBT)) { resolved = tag.getBoolean(RESOLVED.NBT); } - + if (tag.hasKey(GENERATION.NBT)) { generation = tag.getInt(GENERATION.NBT); } @@ -106,7 +107,7 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta { } } } - + generation = SerializableMeta.getObject(Integer.class, map, GENERATION.BUKKIT, true); } @@ -235,6 +236,10 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta { public void addPage(final String... pages) { for (String page : pages) { + if (this.pages.size() >= MAX_PAGES) { + return; + } + if (page == null) { page = ""; } else if (page.length() > MAX_PAGE_LENGTH) { @@ -342,7 +347,7 @@ public class CraftMetaBook extends CraftMetaItem implements BookMeta { } builder.put(BOOK_PAGES.BUKKIT, pagesString); } - + if (generation != null) { builder.put(GENERATION.BUKKIT, generation); }