Paper/patches/server/0299-Limit-Client-Sign-length-more.patch
Nassim Jahnke efd47e3a68
Updated Upstream (Bukkit/CraftBukkit/Spigot) (#9188)
* Updated Upstream (Bukkit/CraftBukkit/Spigot)

Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
2fcba9b2 SPIGOT-7347: Add missing documentation and details to ShapedRecipe
c278419d PR-854: Move getHighestBlockYAt methods from World to RegionAccessor
201399fb PR-853: Add API for directly setting Display transformation matrices
ecfa559a PR-849: Add InventoryView#setTitle
653d7edb SPIGOT-519: Add TNTPrimeEvent
22fccc09 PR-846: Add method to get chunk load level
a070a52c PR-844: Add methods to convert Vector to and from JOML vectors
cc7111fe PR-276: Add accessors to Wither's invulnerability ticks
777d24e9 SPIGOT-7209: Accessors and events for player's exp cooldown
ccb2d01b SPIGOT-6308: Deprecate the location name property of map items
cd04a31b PR-780: Add PlayerSpawnChangeEvent
7d1f5b64 SPIGOT-6780: Improve documentation for World#spawnFallingBlock
5696668a SPIGOT-6885: Add test and easier to debug code for reference in yaml configuration comments
2e13cff7 PR-589: Expand the FishHook API
2c7d3da5 PR-279: Minor edits to various Javadocs

CraftBukkit Changes:
01b2e1af4 SPIGOT-7346: Disallow players from executing commands after disconnecting
7fe5ee022 PR-1186: Move getHighestBlockYAt methods from World to RegionAccessor
bcc85ef67 PR-1185: Add API for directly setting Display transformation matrices
a7cfc778f PR-1176: Add InventoryView#setTitle
563d42226 SPIGOT-519: Add TNTPrimeEvent
ccbc6abca Add test for Chunk.LoadLevel mirroring
2926e0513 PR-1171: Add method to get chunk load level
63cad7f84 PR-375: Add accessors to Wither's invulnerability ticks
bfd8b1ac8 SPIGOT-7209: Accessors and events for player's exp cooldown
f92a41c39 PR-1181: Consolidate Location conversion code
10f866759 SPIGOT-6308: Deprecate the location name property of map items
82f7b658a PR-1095: Add PlayerSpawnChangeEvent
b421af7e4 PR-808: Expand the FishHook API
598ad7b3f Increase outdated build delay

Spigot Changes:
d1bd3bd2 Rebuild patches
e4265cc8 SPIGOT-7297: Entity Tracking Range option for Display entities

* Work around javac bug

* Call PlayerSpawnChangeEvent

* Updated Upstream (Bukkit/CraftBukkit/Spigot)

Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
2fcba9b2 SPIGOT-7347: Add missing documentation and details to ShapedRecipe
c278419d PR-854: Move getHighestBlockYAt methods from World to RegionAccessor
201399fb PR-853: Add API for directly setting Display transformation matrices

CraftBukkit Changes:
01b2e1af4 SPIGOT-7346: Disallow players from executing commands after disconnecting
7fe5ee022 PR-1186: Move getHighestBlockYAt methods from World to RegionAccessor
bcc85ef67 PR-1185: Add API for directly setting Display transformation matrices

Spigot Changes:
7da74dae Rebuild patches
2023-05-12 13:10:08 +02:00

57 lines
3.1 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Aikar <aikar@aikar.co>
Date: Wed, 27 Feb 2019 22:18:40 -0500
Subject: [PATCH] Limit Client Sign length more
modified clients can send more data from the client
to the server and it would get stored on the sign as sent.
Mojang has a limit of 384 which is much higher than reasonable.
the client can barely render around 16 characters as-is, but formatting
codes can get it to be more than 16 actual length.
Set a limit of 80 which should give an average of 16 characters 2
sets of legacy formatting codes which should be plenty for all uses.
This does not strip any existing data from the NBT as plugins
may use this for storing data out of the rendered area.
it only impacts data sent from the client.
Set -DPaper.maxSignLength=XX to change limit or -1 to disable
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
index b834142d8b7eae50b8b9a1b0edaa41f64b950f43..e9cbca84ad7c2c48445fbd0266c5792b12227cd7 100644
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
@@ -300,6 +300,7 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
private final MessageSignatureCache messageSignatureCache;
private final FutureChain chatMessageChain;
private static final long KEEPALIVE_LIMIT = Long.getLong("paper.playerconnection.keepalive", 30) * 1000; // Paper - provide property to set keepalive limit
+ private static final int MAX_SIGN_LINE_LENGTH = Integer.getInteger("Paper.maxSignLength", 80); // Paper
public ServerGamePacketListenerImpl(MinecraftServer server, Connection connection, ServerPlayer player) {
this.lastChatTimeStamp = new AtomicReference(Instant.EPOCH);
@@ -3199,7 +3200,19 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
@Override
public void handleSignUpdate(ServerboundSignUpdatePacket packet) {
- List<String> list = (List) Stream.of(packet.getLines()).map(ChatFormatting::stripFormatting).collect(Collectors.toList());
+ // Paper start - cap line length - modified clients can send longer data than normal
+ String[] lines = packet.getLines();
+ for (int i = 0; i < lines.length; ++i) {
+ if (MAX_SIGN_LINE_LENGTH > 0 && lines[i].length() > MAX_SIGN_LINE_LENGTH) {
+ // This handles multibyte characters as 1
+ int offset = lines[i].codePoints().limit(MAX_SIGN_LINE_LENGTH).map(Character::charCount).sum();
+ if (offset < lines[i].length()) {
+ lines[i] = lines[i].substring(0, offset); // this will break any filtering, but filtering is NYI as of 1.17
+ }
+ }
+ }
+ List<String> list = (List) Stream.of(lines).map(ChatFormatting::stripFormatting).collect(Collectors.toList());
+ // Paper end
this.filterTextPacket(list).thenAcceptAsync((list1) -> {
this.updateSignText(packet, list1);