Removed vulnerabilities

Mainly leftover raw stacktrace prints in exceptions instead of propper
logging statements.
This commit is contained in:
Tastybento 2018-02-07 21:11:23 -08:00
parent b833b17d22
commit 2be005acb1
15 changed files with 78 additions and 57 deletions

View File

@ -70,7 +70,7 @@ public class Panel {
public void open(Player... players) {
for (Player player : players) {
player.openInventory(inventory);
PanelListenerManager.openPanels.put(player.getUniqueId(), this);
PanelListenerManager.getOpenPanels().put(player.getUniqueId(), this);
}
}
@ -81,7 +81,7 @@ public class Panel {
public void open(User... users) {
for (User user : users) {
user.getPlayer().openInventory(inventory);
PanelListenerManager.openPanels.put(user.getUniqueId(), this);
PanelListenerManager.getOpenPanels().put(user.getUniqueId(), this);
}
}

View File

@ -5,6 +5,8 @@ import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.bukkit.Bukkit;
public class MySQLDatabaseResourceCloser {
/**
@ -23,8 +25,7 @@ public class MySQLDatabaseResourceCloser {
try {
resultSet.close();
} catch (SQLException e) {
/* Do some exception-logging here. */
e.printStackTrace();
Bukkit.getLogger().severe("Could not close MySQL resultset");
}
}
}
@ -50,8 +51,7 @@ public class MySQLDatabaseResourceCloser {
try {
statement.close();
} catch (SQLException e) {
/* Do some exception-logging here. */
e.printStackTrace();
Bukkit.getLogger().severe("Could not close MySQL statement");
}
}
}
@ -72,8 +72,7 @@ public class MySQLDatabaseResourceCloser {
try {
connection.close();
} catch (SQLException e) {
/* Do some exception-logging here. */
e.printStackTrace();
Bukkit.getLogger().severe("Could not close MySQL connection");
}
}
}

View File

@ -81,7 +81,6 @@ public class IslandWorld {
}
} catch (Exception e) {
Bukkit.getLogger().severe("Not successfull! Disabling " + plugin.getName() + "!");
e.printStackTrace();
Bukkit.getServer().getPluginManager().disablePlugin(plugin);
}
}

View File

@ -19,7 +19,7 @@ public class PanelListenerManager implements Listener {
//private static final boolean DEBUG = false;
public static HashMap<UUID, Panel> openPanels = new HashMap<>();
private static HashMap<UUID, Panel> openPanels = new HashMap<>();
@EventHandler(priority = EventPriority.LOWEST)
public void onInventoryClick(InventoryClickEvent event) {
@ -28,11 +28,11 @@ public class PanelListenerManager implements Listener {
//UUID playerUUID = player.getUniqueId();
Inventory inventory = event.getInventory(); // The inventory that was
// Open the inventory panel that this player has open (they can only ever have one)
if (openPanels.containsKey(user.getUniqueId())) {
if (getOpenPanels().containsKey(user.getUniqueId())) {
// Check the name of the panel
if (inventory.getName().equals(openPanels.get(user.getUniqueId()).getInventory().getName())) {
if (inventory.getName().equals(getOpenPanels().get(user.getUniqueId()).getInventory().getName())) {
// Get the panel itself
Panel panel = openPanels.get(user.getUniqueId());
Panel panel = getOpenPanels().get(user.getUniqueId());
// Check that they clicked on a specific item
for (int slot : panel.getItems().keySet()) {
if (slot == event.getRawSlot()) {
@ -48,19 +48,26 @@ public class PanelListenerManager implements Listener {
}
} else {
// Wrong name - delete this panel
openPanels.remove(user.getUniqueId());
getOpenPanels().remove(user.getUniqueId());
}
}
}
@EventHandler(priority = EventPriority.LOWEST)
public void onInventoryClose(InventoryCloseEvent event) {
if (openPanels.containsKey(event.getPlayer().getUniqueId())) openPanels.remove(event.getPlayer().getUniqueId());
if (getOpenPanels().containsKey(event.getPlayer().getUniqueId())) getOpenPanels().remove(event.getPlayer().getUniqueId());
}
@EventHandler(priority = EventPriority.NORMAL)
public void onLogOut(PlayerQuitEvent event) {
if (openPanels.containsKey(event.getPlayer().getUniqueId())) openPanels.remove(event.getPlayer().getUniqueId());
if (getOpenPanels().containsKey(event.getPlayer().getUniqueId())) getOpenPanels().remove(event.getPlayer().getUniqueId());
}
/**
* @return the openPanels
*/
public static HashMap<UUID, Panel> getOpenPanels() {
return openPanels;
}
}

View File

@ -18,6 +18,7 @@ import us.tastybento.bskyblock.BSkyBlock;
import us.tastybento.bskyblock.api.commands.User;
import us.tastybento.bskyblock.api.flags.Flag;
import us.tastybento.bskyblock.api.flags.Flag.FlagType;
import us.tastybento.bskyblock.database.managers.island.IslandsManager;
import us.tastybento.bskyblock.database.objects.Island;
/**
@ -27,9 +28,16 @@ import us.tastybento.bskyblock.database.objects.Island;
*/
public abstract class AbstractFlagListener implements Listener {
public BSkyBlock plugin = BSkyBlock.getInstance();
private BSkyBlock plugin = BSkyBlock.getInstance();
private User user = null;
/**
* @return the plugin
*/
public BSkyBlock getPlugin() {
return plugin;
}
/**
* Used for unit testing only to set the plugin
* @param plugin
@ -47,13 +55,13 @@ public abstract class AbstractFlagListener implements Listener {
private boolean createEventUser(Event e) {
try {
// Use reflection to get the getPlayer method if it exists
Method getPlayer = e.getClass().getMethod("getPlayer");
if (getPlayer != null) {
setUser(User.getInstance((Player)getPlayer.invoke(e)));
return true;
}
} catch (Exception e1) { e1.printStackTrace();}
} catch (Exception e1) { // Do nothing
}
return false;
}
@ -147,7 +155,7 @@ public abstract class AbstractFlagListener implements Listener {
if (!inWorld(loc)) return true;
// Get the island and if present
Optional<Island> island = plugin.getIslands().getIslandAt(loc);
Optional<Island> island = getIslands().getIslandAt(loc);
// Handle Settings Flag
if (flag.getType().equals(FlagType.SETTING)) {
@ -201,4 +209,11 @@ public abstract class AbstractFlagListener implements Listener {
return plugin.getFlagsManager().getFlagByID(id);
}
/**
* Get the island database manager
* @return the island database manager
*/
protected IslandsManager getIslands() {
return plugin.getIslands();
}
}

View File

@ -94,7 +94,7 @@ public class BreakBlocksListener extends AbstractFlagListener {
if (inWorld(e.getVehicle()) && e.getAttacker() instanceof Player) {
User user = User.getInstance((Player) e.getAttacker());
// Get the island and if present, check the flag, react if required and return
plugin.getIslands().getIslandAt(e.getVehicle().getLocation()).ifPresent(x -> {
getIslands().getIslandAt(e.getVehicle().getLocation()).ifPresent(x -> {
if (!x.isAllowed(user, Flags.BREAK_BLOCKS)) {
e.setCancelled(true);
user.sendMessage("protection.protected");

View File

@ -40,7 +40,7 @@ public class FireListener extends AbstractFlagListener {
return;
}
// Check if the island exists and if fire is allowed
Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
island.ifPresent(x -> {
if (!x.isAllowed(Flags.FIRE_SPREAD)) e.setCancelled(true);
});
@ -59,7 +59,7 @@ public class FireListener extends AbstractFlagListener {
return;
}
// Check if the island exists and if fire is allowed
Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
island.ifPresent(x -> {
if (!x.isAllowed(Flags.FIRE_SPREAD)) e.setCancelled(true);
});
@ -82,7 +82,7 @@ public class FireListener extends AbstractFlagListener {
return;
}
// Check if the island exists and if fire is allowed
Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
island.ifPresent(x -> {
if (!x.isAllowed(Flags.FIRE)) e.setCancelled(true);
});
@ -135,7 +135,7 @@ public class FireListener extends AbstractFlagListener {
return;
}
// Check if the island exists and if fire is allowed
Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
island.ifPresent(x -> {
if (!x.isAllowed(Flags.FIRE)) e.setCancelled(true);
});

View File

@ -169,7 +169,7 @@ public class HurtingListener extends AbstractFlagListener {
UUID uuid = ((Player)projectile.getShooter()).getUniqueId();
// Store it and remove it when the effect is gone
thrownPotions.put(e.getAreaEffectCloud().getEntityId(), uuid);
plugin.getServer().getScheduler().runTaskLater(plugin, () -> {
getPlugin().getServer().getScheduler().runTaskLater(getPlugin(), () -> {
thrownPotions.remove(e.getAreaEffectCloud().getEntityId());
}, e.getAreaEffectCloud().getDuration());
}

View File

@ -41,7 +41,7 @@ public class MobSpawnListener extends AbstractFlagListener {
|| e.getSpawnReason().equals(SpawnReason.DEFAULT)
|| e.getSpawnReason().equals(SpawnReason.MOUNT)
|| e.getSpawnReason().equals(SpawnReason.NETHER_PORTAL)) {
Optional<Island> island = plugin.getIslands().getIslandAt(e.getLocation());
Optional<Island> island = getIslands().getIslandAt(e.getLocation());
if (island.isPresent()) {
if (e.getEntity() instanceof Monster || e.getEntity() instanceof Slime) {
if (!island.get().isAllowed(Flags.MOB_SPAWN)) {

View File

@ -45,8 +45,8 @@ public class PVPListener extends AbstractFlagListener {
public void onEntityDamage(final EntityDamageByEntityEvent e) {
if (e.getEntity() instanceof Player) {
Flag flag = Flags.PVP_OVERWORLD;
if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
respond(e, e.getDamager(), flag);
}
}
@ -73,8 +73,8 @@ public class PVPListener extends AbstractFlagListener {
public void onFishing(PlayerFishEvent e) {
if (e.getCaught() != null && e.getCaught() instanceof Player) {
Flag flag = Flags.PVP_OVERWORLD;
if (e.getCaught().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getCaught().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
if (e.getCaught().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getCaught().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
if (checkIsland(e, e.getCaught().getLocation(), flag)) {
e.getHook().remove();
return;
@ -90,8 +90,8 @@ public class PVPListener extends AbstractFlagListener {
public void onSplashPotionSplash(final PotionSplashEvent e) {
// Deduce the world
Flag flag = Flags.PVP_OVERWORLD;
if (e.getPotion().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getPotion().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
if (e.getPotion().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getPotion().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
// Try to get the thrower
Projectile projectile = (Projectile) e.getEntity();
@ -123,7 +123,7 @@ public class PVPListener extends AbstractFlagListener {
UUID uuid = ((Player)projectile.getShooter()).getUniqueId();
// Store it and remove it when the effect is gone
thrownPotions.put(e.getAreaEffectCloud().getEntityId(), uuid);
plugin.getServer().getScheduler().runTaskLater(plugin, () -> {
getPlugin().getServer().getScheduler().runTaskLater(getPlugin(), () -> {
thrownPotions.remove(e.getAreaEffectCloud().getEntityId());
}, e.getAreaEffectCloud().getDuration());
}
@ -138,8 +138,8 @@ public class PVPListener extends AbstractFlagListener {
if (e.getCause().equals(DamageCause.ENTITY_ATTACK) && thrownPotions.containsKey(e.getDamager().getEntityId())) {
// Deduce the world
Flag flag = Flags.PVP_OVERWORLD;
if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
else if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
UUID attacker = thrownPotions.get(e.getDamager().getEntityId());
// Self damage

View File

@ -4,6 +4,7 @@ import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import org.bukkit.Bukkit;
import org.bukkit.Material;
import us.tastybento.bskyblock.api.flags.Flag;
@ -127,8 +128,7 @@ public class Flags {
try {
return (Flag)field.get(null);
} catch (IllegalArgumentException | IllegalAccessException e) {
e.printStackTrace();
Bukkit.getLogger().severe("Could not get Flag values " + e.getMessage());
}
return null;
}).collect(Collectors.toList());

View File

@ -64,10 +64,7 @@ public final class AddonsManager {
try {
f.mkdir();
} catch (SecurityException e) {
e.printStackTrace();
if (DEBUG) {
Bukkit.getLogger().severe("Cannot create folder 'addons' (Permission ?)");
}
Bukkit.getLogger().severe("Cannot create folder 'addons' (Permission ?)");
}
}
@ -182,7 +179,7 @@ public final class AddonsManager {
try {
loader.close();
} catch (IOException e) {
e.printStackTrace();
// Do nothing
}
});
}

View File

@ -2,6 +2,7 @@ package us.tastybento.bskyblock.managers;
import java.io.File;
import java.io.FilenameFilter;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Locale;
@ -78,20 +79,24 @@ public final class LocalesManager {
try {
for (String name : lister.listJar(LOCALE_FOLDER)) {
// We cannot use Bukkit's saveResource, because we want it to go into a specific folder, so...
InputStream initialStream = plugin.getResource(name);
// Get the last part of the name
int lastIndex = name.lastIndexOf('/');
File targetFile = new File(localeDir, name.substring(lastIndex >= 0 ? lastIndex : 0, name.length()));
if (DEBUG)
plugin.getLogger().info("DEBUG: targetFile = " + targetFile.getAbsolutePath());
if (!targetFile.exists()) {
java.nio.file.Files.copy(initialStream, targetFile.toPath());
try (InputStream initialStream = plugin.getResource(name)) {
// Get the last part of the name
int lastIndex = name.lastIndexOf('/');
File targetFile = new File(localeDir, name.substring(lastIndex >= 0 ? lastIndex : 0, name.length()));
if (DEBUG)
plugin.getLogger().info("DEBUG: targetFile = " + targetFile.getAbsolutePath());
if (!targetFile.exists()) {
java.nio.file.Files.copy(initialStream, targetFile.toPath());
}
} catch (IOException e) {
plugin.getLogger().severe("Could not copy locale files from jar " + e.getMessage());
}
initialStream.close();
}
} catch (Exception e) {
e.printStackTrace();
} catch (IOException e) {
plugin.getLogger().severe("Could not copy locale files from jar " + e.getMessage());
}
}
// Store all the locales available

View File

@ -287,7 +287,7 @@ public class Util {
config = new YamlConfiguration();
config.load(yamlFile);
} catch (Exception e) {
e.printStackTrace();
plugin.getLogger().severe("Could not load yml file " + e.getMessage());
}
} else {
// Create the missing file

View File

@ -40,7 +40,6 @@ public class PlaceholderHandler {
} catch (Exception e){
// Should never happen.
plugin.getLogger().severe("Failed to load default placeholder API");
e.printStackTrace();
}
// Load hooks