aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorNassim Jahnke <[email protected]>2024-05-09 16:09:06 +0200
committerNassim Jahnke <[email protected]>2024-05-09 16:09:06 +0200
commit79fc353ef87742930e0cc5b92ff84147eb108a0a (patch)
tree9d1fb7568d80946144b5f90ba427eeeef900773e
parent826d2e939b17c5af4f073a0eda8a9308c6f51f1f (diff)
downloadPaper-79fc353ef87742930e0cc5b92ff84147eb108a0a.tar.gz
Paper-79fc353ef87742930e0cc5b92ff84147eb108a0a.zip
Also add validation to spigot class
-rw-r--r--patches/server/0074-Handle-Item-Meta-Inconsistencies.patch37
-rw-r--r--patches/server/0139-Do-not-submit-profile-lookups-to-worldgen-threads.patch4
-rw-r--r--patches/server/0140-Basic-PlayerProfile-API.patch10
-rw-r--r--patches/server/0862-Fix-BanList-API.patch8
4 files changed, 48 insertions, 11 deletions
diff --git a/patches/server/0074-Handle-Item-Meta-Inconsistencies.patch b/patches/server/0074-Handle-Item-Meta-Inconsistencies.patch
index c8c45d26cd..35a4a67526 100644
--- a/patches/server/0074-Handle-Item-Meta-Inconsistencies.patch
+++ b/patches/server/0074-Handle-Item-Meta-Inconsistencies.patch
@@ -271,3 +271,40 @@ index 3f309c255097f6778854d710a5a045fa960a953f..c318552a2ac2710cea01ac449a469a0f
+ // Paper end
+
}
+diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
+index 358af0121ce3d87a9f51da2bae0699034c1560b4..866f9d00669923ee01ac97399cd78b5ee58f950f 100644
+--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
++++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
+@@ -37,6 +37,16 @@ public final class CraftPlayerProfile implements PlayerProfile {
+ boolean isValidSkullProfile = (gameProfile.getName() != null)
+ || gameProfile.getProperties().containsKey(CraftPlayerTextures.PROPERTY_NAME);
+ Preconditions.checkArgument(isValidSkullProfile, "The skull profile is missing a name or textures!");
++ // Paper start - Validate
++ Preconditions.checkArgument(gameProfile.getName().length() <= 16, "The name of the profile is longer than 16 characters");
++ final PropertyMap properties = gameProfile.getProperties();
++ Preconditions.checkArgument(properties.size() <= 16, "The profile contains more than 16 properties");
++ for (final Property property : properties.values()) {
++ Preconditions.checkArgument(property.name().length() <= 16, "The name of a property is longer than 16 characters");
++ Preconditions.checkArgument(property.value().length() <= Short.MAX_VALUE, "The value of a property is longer than 32767 characters");
++ Preconditions.checkArgument(property.signature() == null || property.signature().length() <= 1024, "The signature of a property is longer than 1024 characters");
++ }
++ // Paper end - Validate
+ return gameProfile;
+ }
+
+@@ -53,6 +63,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
+
+ public CraftPlayerProfile(UUID uniqueId, String name) {
+ Preconditions.checkArgument((uniqueId != null) || !StringUtils.isBlank(name), "uniqueId is null or name is blank");
++ Preconditions.checkArgument(name == null || name.length() <= 16, "The name of the profile is longer than 16 characters"); // Paper - Validate
+ this.uniqueId = (uniqueId == null) ? Util.NIL_UUID : uniqueId;
+ this.name = (name == null) ? "" : name;
+ }
+@@ -89,6 +100,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
+ // Assert: (property == null) || property.getName().equals(propertyName)
+ this.removeProperty(propertyName);
+ if (property != null) {
++ Preconditions.checkArgument(this.properties.size() < 16, "The profile contains more than 16 properties"); // Paper - Validate
+ this.properties.put(property.name(), property);
+ }
+ }
diff --git a/patches/server/0139-Do-not-submit-profile-lookups-to-worldgen-threads.patch b/patches/server/0139-Do-not-submit-profile-lookups-to-worldgen-threads.patch
index e660ce370c..3b7ee69e84 100644
--- a/patches/server/0139-Do-not-submit-profile-lookups-to-worldgen-threads.patch
+++ b/patches/server/0139-Do-not-submit-profile-lookups-to-worldgen-threads.patch
@@ -63,10 +63,10 @@ index 6097e0ab387cfa4c2c9ab0389fc5bb6cd899ecc3..ebba6bc5b337d19e32be5a78294501ed
public static void clear() {
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
-index 358af0121ce3d87a9f51da2bae0699034c1560b4..edd340c66ea8cec1c76ba29f1deab14c4784a7e5 100644
+index 866f9d00669923ee01ac97399cd78b5ee58f950f..6f0edd4d1c473179c03253326a3c7b5910ec53ad 100644
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
-@@ -122,7 +122,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
+@@ -134,7 +134,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
@Override
public CompletableFuture<PlayerProfile> update() {
diff --git a/patches/server/0140-Basic-PlayerProfile-API.patch b/patches/server/0140-Basic-PlayerProfile-API.patch
index 77ecf1f808..76272eb077 100644
--- a/patches/server/0140-Basic-PlayerProfile-API.patch
+++ b/patches/server/0140-Basic-PlayerProfile-API.patch
@@ -688,7 +688,7 @@ index f6012feafe1dbbf9c52ac38965d9475896766657..a7554f2028f93867360c27a51c9580a8
// Paper end
}
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
-index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c714d0e052b 100644
+index 6f0edd4d1c473179c03253326a3c7b5910ec53ad..e3a244dac35bf4d5d10e41c200aaa7f93e278ef9 100644
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
@@ -28,7 +28,7 @@ import org.bukkit.profile.PlayerProfile;
@@ -700,7 +700,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
@Nonnull
public static GameProfile validateSkullProfile(@Nonnull GameProfile gameProfile) {
-@@ -93,8 +93,10 @@ public final class CraftPlayerProfile implements PlayerProfile {
+@@ -105,8 +105,10 @@ public final class CraftPlayerProfile implements PlayerProfile {
}
}
@@ -713,7 +713,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
}
void rebuildDirtyProperties() {
-@@ -237,6 +239,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
+@@ -249,6 +251,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
@Override
public Map<String, Object> serialize() {
@@ -721,7 +721,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
Map<String, Object> map = new LinkedHashMap<>();
if (this.getUniqueId() != null) {
map.put("uniqueId", this.getUniqueId().toString());
-@@ -252,10 +255,12 @@ public final class CraftPlayerProfile implements PlayerProfile {
+@@ -264,10 +267,12 @@ public final class CraftPlayerProfile implements PlayerProfile {
});
map.put("properties", propertiesData);
}
@@ -734,7 +734,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
UUID uniqueId = ConfigSerializationUtil.getUuid(map, "uniqueId", true);
String name = ConfigSerializationUtil.getString(map, "name", true);
-@@ -269,7 +274,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
+@@ -281,7 +286,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
profile.properties.put(property.name(), property);
}
}
diff --git a/patches/server/0862-Fix-BanList-API.patch b/patches/server/0862-Fix-BanList-API.patch
index ad75aaf764..424bd4c9d0 100644
--- a/patches/server/0862-Fix-BanList-API.patch
+++ b/patches/server/0862-Fix-BanList-API.patch
@@ -208,7 +208,7 @@ index 172202accf4448a933fcf1ff820316c7910dd7f7..50ee7656580d386db473c054f5c5ec57
return null;
}
diff --git a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
-index 7c039d79b6fba3358daaaf8894e05d9493fa6af8..1c264135c34117407bfbb2d230e2ea1f9ebd0671 100644
+index 4603752c6ddb75b400afc48971523530fafe8623..5caf63605829e3df994ff22c4351234625d4dc24 100644
--- a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
+++ b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
@@ -1733,23 +1733,23 @@ public class CraftPlayer extends CraftHumanEntity implements Player {
@@ -256,7 +256,7 @@ index 7c039d79b6fba3358daaaf8894e05d9493fa6af8..1c264135c34117407bfbb2d230e2ea1f
}
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
-index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d7a1302f6 100644
+index e3a244dac35bf4d5d10e41c200aaa7f93e278ef9..c7cd9081fa7e0b5e436e168515d051cd15a33706 100644
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
@@ -28,7 +28,7 @@ import org.bukkit.profile.PlayerProfile;
@@ -268,7 +268,7 @@ index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d
@Nonnull
public static GameProfile validateSkullProfile(@Nonnull GameProfile gameProfile) {
-@@ -123,7 +123,7 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
+@@ -135,7 +135,7 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
}
@Override
@@ -277,7 +277,7 @@ index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d
return CompletableFuture.supplyAsync(this::getUpdatedProfile, Util.PROFILE_EXECUTOR); // Paper - don't submit BLOCKING PROFILE LOOKUPS to the world gen thread
}
-@@ -277,4 +277,71 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
+@@ -289,4 +289,71 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
// Paper - diff on change
return profile;
}