Upstream
/
Paper
mirror of https://github.com/PaperMC/Paper.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge 083ec9454f into 8f7ac62905

This commit is contained in:
Jake Potrebic 2024-04-29 08:33:37 +02:00 committed by GitHub
parent 8f7ac62905 083ec9454f
commit bc448cbc18
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 159 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

159
patches/server/1038-Prevent-sending-oversized-item-data-in-equipment-and.patch Normal file
View File

@ -0,0 +1,159 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Nassim Jahnke <nassim@njahnke.dev>
Date: Wed, 1 Dec 2021 12:36:25 +0100
Subject: [PATCH] Prevent sending oversized item data in equipment and metadata
Co-authored-by: Jake Potrebic <jake.m.potrebic@gmail.com>
diff --git a/src/main/java/io/papermc/paper/util/DataSanitizationUtil.java b/src/main/java/io/papermc/paper/util/DataSanitizationUtil.java
new file mode 100644
index 0000000000000000000000000000000000000000..239d63d557638aa8efe95c0900d803c2a23ae361
--- /dev/null
+++ b/src/main/java/io/papermc/paper/util/DataSanitizationUtil.java
@@ -0,0 +1,46 @@
+package io.papermc.paper.util;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Function;
+import net.minecraft.network.RegistryFriendlyByteBuf;
+import net.minecraft.network.codec.StreamCodec;
+import net.minecraft.world.item.ItemStack;
+import net.minecraft.world.item.Items;
+import net.minecraft.world.item.component.BundleContents;
+import net.minecraft.world.item.component.ItemContainerContents;
+import org.checkerframework.checker.nullness.qual.NonNull;
+import org.checkerframework.framework.qual.DefaultQualifier;
+
+@DefaultQualifier(NonNull.class)
+public final class DataSanitizationUtil {
+
+ public static final ThreadLocal<Boolean> DATA_SANITIZATION = ThreadLocal.withInitial(() -> false);
+
+ public static final StreamCodec<RegistryFriendlyByteBuf, ItemContainerContents> STRIPPED_CONTAINER_STREAM_CODEC = ItemContainerContents.STREAM_CODEC.map(
+ Function.identity(),
+ contents -> DATA_SANITIZATION.get() ? ItemContainerContents.EMPTY : contents
+ );
+
+ public static StreamCodec<RegistryFriendlyByteBuf, BundleContents> STRIPPED_BUNDLE_STREAM_CODEC = BundleContents.STREAM_CODEC.map(
+ Function.identity(),
+ contents -> {
+ if (!DATA_SANITIZATION.get()) {
+ return contents;
+ }
+ // Bundles change their texture based on their fullness.
+ int sizeUsed = 0;
+ for (ItemStack item : contents.items()) {
+ int scale = 64 / item.getMaxStackSize();
+ sizeUsed += scale * item.getCount();
+ }
+ // Now we add a single fake item that uses the same amount of slots as all other items.
+ List<ItemStack> items = new ArrayList<>();
+ items.add(new ItemStack(Items.PAPER, sizeUsed));
+ return new BundleContents(items);
+ }
+ );
+
+ private DataSanitizationUtil() {
+ }
+}
diff --git a/src/main/java/net/minecraft/core/component/DataComponents.java b/src/main/java/net/minecraft/core/component/DataComponents.java
index 5632974af9c603d333ffc30a5a1b1e851821a3bb..1608e862055cfa3e2afc04b6d2355dc107cef229 100644
--- a/src/main/java/net/minecraft/core/component/DataComponents.java
+++ b/src/main/java/net/minecraft/core/component/DataComponents.java
@@ -142,7 +142,7 @@ public class DataComponents {
"charged_projectiles", builder -> builder.persistent(ChargedProjectiles.CODEC).networkSynchronized(ChargedProjectiles.STREAM_CODEC).cacheEncoding()
);
public static final DataComponentType<BundleContents> BUNDLE_CONTENTS = register(
- "bundle_contents", builder -> builder.persistent(BundleContents.CODEC).networkSynchronized(BundleContents.STREAM_CODEC).cacheEncoding()
+ "bundle_contents", builder -> builder.persistent(BundleContents.CODEC).networkSynchronized(io.papermc.paper.util.DataSanitizationUtil.STRIPPED_BUNDLE_STREAM_CODEC).cacheEncoding() // Paper - sanitize bundle contents
);
public static final DataComponentType<PotionContents> POTION_CONTENTS = register(
"potion_contents", builder -> builder.persistent(PotionContents.CODEC).networkSynchronized(PotionContents.STREAM_CODEC).cacheEncoding()
@@ -206,7 +206,7 @@ public class DataComponents {
"pot_decorations", builder -> builder.persistent(PotDecorations.CODEC).networkSynchronized(PotDecorations.STREAM_CODEC).cacheEncoding()
);
public static final DataComponentType<ItemContainerContents> CONTAINER = register(
- "container", builder -> builder.persistent(ItemContainerContents.CODEC).networkSynchronized(ItemContainerContents.STREAM_CODEC).cacheEncoding()
+ "container", builder -> builder.persistent(ItemContainerContents.CODEC).networkSynchronized(io.papermc.paper.util.DataSanitizationUtil.STRIPPED_CONTAINER_STREAM_CODEC).cacheEncoding() // Paper - sanitize container contents
);
public static final DataComponentType<BlockItemStateProperties> BLOCK_STATE = register(
"block_state", builder -> builder.persistent(BlockItemStateProperties.CODEC).networkSynchronized(BlockItemStateProperties.STREAM_CODEC).cacheEncoding()
diff --git a/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEntityDataPacket.java b/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEntityDataPacket.java
index 59c1c103545f04fd35e6932df64a9910a1d74cd7..a5736685c1caddbc39085b5a13c2c720c41c835b 100644
--- a/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEntityDataPacket.java
+++ b/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEntityDataPacket.java
@@ -19,9 +19,11 @@ public record ClientboundSetEntityDataPacket(int id, List<SynchedEntityData.Data
}
private static void pack(List<SynchedEntityData.DataValue<?>> trackedValues, RegistryFriendlyByteBuf buf) {
+ try { io.papermc.paper.util.DataSanitizationUtil.DATA_SANITIZATION.set(true); // Paper - data sanitization
for (SynchedEntityData.DataValue<?> dataValue : trackedValues) {
dataValue.write(buf);
}
+ } finally { io.papermc.paper.util.DataSanitizationUtil.DATA_SANITIZATION.set(false); } // Paper - data sanitization
buf.writeByte(255);
}
diff --git a/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEquipmentPacket.java b/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEquipmentPacket.java
index e092a486c4041ab1cfe9e29c88d0d94528a6e9a6..981668cee3a237b540750d6bfeedba8f500b603e 100644
--- a/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEquipmentPacket.java
+++ b/src/main/java/net/minecraft/network/protocol/game/ClientboundSetEquipmentPacket.java
@@ -17,8 +17,14 @@ public class ClientboundSetEquipmentPacket implements Packet<ClientGamePacketLis
private static final byte CONTINUE_MASK = -128;
private final int entity;
private final List<Pair<EquipmentSlot, ItemStack>> slots;
-
public ClientboundSetEquipmentPacket(int id, List<Pair<EquipmentSlot, ItemStack>> equipmentList) {
+ // Paper start - data sanitization
+ this(id, equipmentList, false);
+ }
+ private boolean sanitize = false;
+ public ClientboundSetEquipmentPacket(int id, List<Pair<EquipmentSlot, ItemStack>> equipmentList, boolean sanitize) {
+ this.sanitize = sanitize;
+ // Paper end - data sanitization
this.entity = id;
this.slots = equipmentList;
}
@@ -41,6 +47,7 @@ public class ClientboundSetEquipmentPacket implements Packet<ClientGamePacketLis
buf.writeVarInt(this.entity);
int i = this.slots.size();
+ try { if (this.sanitize) io.papermc.paper.util.DataSanitizationUtil.DATA_SANITIZATION.set(true); // Paper - data sanitization
for (int j = 0; j < i; j++) {
Pair<EquipmentSlot, ItemStack> pair = this.slots.get(j);
EquipmentSlot equipmentSlot = pair.getFirst();
@@ -49,6 +56,7 @@ public class ClientboundSetEquipmentPacket implements Packet<ClientGamePacketLis
buf.writeByte(bl ? k | -128 : k);
ItemStack.OPTIONAL_STREAM_CODEC.encode(buf, pair.getSecond());
}
+ } finally { if (this.sanitize) io.papermc.paper.util.DataSanitizationUtil.DATA_SANITIZATION.set(false); } // Paper - data sanitization
}
@Override
diff --git a/src/main/java/net/minecraft/server/level/ServerEntity.java b/src/main/java/net/minecraft/server/level/ServerEntity.java
index 4f103f731623a8570238a6867fda1c5f83fca4e4..5e377fd15c0efd2dc1e0919a97f4cdf6de56d681 100644
--- a/src/main/java/net/minecraft/server/level/ServerEntity.java
+++ b/src/main/java/net/minecraft/server/level/ServerEntity.java
@@ -353,7 +353,7 @@ public class ServerEntity {
}
if (!list.isEmpty()) {
- sender.accept(new ClientboundSetEquipmentPacket(this.entity.getId(), list));
+ sender.accept(new ClientboundSetEquipmentPacket(this.entity.getId(), list, true)); // Paper - data sanitization
}
((LivingEntity) this.entity).detectEquipmentUpdatesPublic(); // CraftBukkit - SPIGOT-3789: sync again immediately after sending
}
diff --git a/src/main/java/net/minecraft/world/entity/LivingEntity.java b/src/main/java/net/minecraft/world/entity/LivingEntity.java
index 1ba83df3c2717dbd027b02d4d69e50091977d35f..f43aac06fd1ccf48f49f841a8624ef287bc1be59 100644
--- a/src/main/java/net/minecraft/world/entity/LivingEntity.java
+++ b/src/main/java/net/minecraft/world/entity/LivingEntity.java
@@ -3312,7 +3312,7 @@ public abstract class LivingEntity extends Entity implements Attackable {
}
});
- ((ServerLevel) this.level()).getChunkSource().broadcast(this, new ClientboundSetEquipmentPacket(this.getId(), list));
+ ((ServerLevel) this.level()).getChunkSource().broadcast(this, new ClientboundSetEquipmentPacket(this.getId(), list, true)); // Paper - data sanitization
}
private ItemStack getLastArmorItem(EquipmentSlot slot) {

88
removed-patches-1-20-5/0675-Prevent-sending-oversized-item-data-in-equipment-and.patch
View File

@ -1,88 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Nassim Jahnke <nassim@njahnke.dev>
Date: Wed, 1 Dec 2021 12:36:25 +0100
Subject: [PATCH] Prevent sending oversized item data in equipment and metadata
TODO: Check if still needed with compacted items over the network and limits
diff --git a/src/main/java/net/minecraft/network/syncher/EntityDataSerializers.java b/src/main/java/net/minecraft/network/syncher/EntityDataSerializers.java
index 3ee4c01e4505241e575b8b2e96338ba27b793a2b..d70f77e4d5ca59c9f802ecb354fa8d53d1e10134 100644
--- a/src/main/java/net/minecraft/network/syncher/EntityDataSerializers.java
+++ b/src/main/java/net/minecraft/network/syncher/EntityDataSerializers.java
@@ -44,7 +44,7 @@ public class EntityDataSerializers {
public static final EntityDataSerializer<ItemStack> ITEM_STACK = new EntityDataSerializer<ItemStack>() {
@Override
public void write(FriendlyByteBuf buf, ItemStack value) {
- buf.writeItem(value);
+ buf.writeItem(net.minecraft.world.entity.LivingEntity.sanitizeItemStack(value, true)); // Paper - prevent oversized data
}
@Override
diff --git a/src/main/java/net/minecraft/server/level/ServerEntity.java b/src/main/java/net/minecraft/server/level/ServerEntity.java
index 91563f903834c1a0636dc087f8c6376815165b6c..a51564e8dce3c125ed5f05cc23548a05c1e79a95 100644
--- a/src/main/java/net/minecraft/server/level/ServerEntity.java
+++ b/src/main/java/net/minecraft/server/level/ServerEntity.java
@@ -335,7 +335,10 @@ public class ServerEntity {
ItemStack itemstack = ((LivingEntity) this.entity).getItemBySlot(enumitemslot);
if (!itemstack.isEmpty()) {
- list.add(Pair.of(enumitemslot, itemstack.copy()));
+ // Paper start - prevent oversized data
+ final ItemStack sanitized = LivingEntity.sanitizeItemStack(itemstack.copy(), false);
+ list.add(Pair.of(enumitemslot, sanitized));
+ // Paper end - prevent oversized data
}
}
diff --git a/src/main/java/net/minecraft/world/entity/LivingEntity.java b/src/main/java/net/minecraft/world/entity/LivingEntity.java
index ed6fd20ff608e764d6b0f517f6c9c85c533f1646..8025e351fb3e24aa67b31eca74be1bc368592851 100644
--- a/src/main/java/net/minecraft/world/entity/LivingEntity.java
+++ b/src/main/java/net/minecraft/world/entity/LivingEntity.java
@@ -3208,7 +3208,10 @@ public abstract class LivingEntity extends Entity implements Attackable {
equipmentChanges.forEach((enumitemslot, itemstack) -> {
ItemStack itemstack1 = itemstack.copy();
- list.add(Pair.of(enumitemslot, itemstack1));
+ // Paper start - prevent oversized data
+ ItemStack toSend = sanitizeItemStack(itemstack1, true);
+ list.add(Pair.of(enumitemslot, toSend));
+ // Paper end - prevent oversized data
switch (enumitemslot.getType()) {
case HAND:
this.setLastHandItem(enumitemslot, itemstack1);
@@ -3221,6 +3224,34 @@ public abstract class LivingEntity extends Entity implements Attackable {
((ServerLevel) this.level()).getChunkSource().broadcast(this, new ClientboundSetEquipmentPacket(this.getId(), list));
}
+ // Paper start - prevent oversized data
+ public static ItemStack sanitizeItemStack(final ItemStack itemStack, final boolean copyItemStack) {
+ if (itemStack.isEmpty() || !itemStack.hasTag()) {
+ return itemStack;
+ }
+
+ final ItemStack copy = copyItemStack ? itemStack.copy() : itemStack;
+ final CompoundTag tag = copy.getTag();
+ if (copy.is(Items.BUNDLE) && tag.get("Items") instanceof ListTag oldItems && !oldItems.isEmpty()) {
+ // Bundles change their texture based on their fullness.
+ org.bukkit.inventory.meta.BundleMeta bundleMeta = (org.bukkit.inventory.meta.BundleMeta) copy.asBukkitMirror().getItemMeta();
+ int sizeUsed = 0;
+ for (org.bukkit.inventory.ItemStack item : bundleMeta.getItems()) {
+ int scale = 64 / item.getMaxStackSize();
+ sizeUsed += scale * item.getAmount();
+ }
+ // Now we add a single fake item that uses the same amount of slots as all other items.
+ ListTag items = new ListTag();
+ items.add(new ItemStack(Items.PAPER, sizeUsed).save(new CompoundTag()));
+ tag.put("Items", items);
+ }
+ if (tag.get("BlockEntityTag") instanceof CompoundTag blockEntityTag) {
+ blockEntityTag.remove("Items");
+ }
+ return copy;
+ }
+ // Paper end - prevent oversized data
+
private ItemStack getLastArmorItem(EquipmentSlot slot) {
return (ItemStack) this.lastArmorItemStacks.get(slot.getIndex());
}