Mirror von
https://github.com/PaperMC/Velocity.git
synchronisiert 2024-12-24 23:30:26 +01:00
Strictly limit the hostname size and limit it to ASCII characters only
Dieser Commit ist enthalten in:
Ursprung
4219bf7b09
Commit
4f6d238b39
@ -102,7 +102,7 @@ public enum ProtocolUtils {
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads a VarInt length-prefixed string from the {@code buf}, making sure to not go over
|
||||
* Reads a VarInt length-prefixed UTF-8 string from the {@code buf}, making sure to not go over
|
||||
* {@code cap} size.
|
||||
* @param buf the buffer to read from
|
||||
* @param cap the maximum size of the string, in UTF-8 character length
|
||||
@ -113,6 +113,24 @@ public enum ProtocolUtils {
|
||||
return readString(buf, cap, length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads a VarInt length-prefixed ASCII string from the {@code buf}, making sure to not go over
|
||||
* {@code cap} size. This method is specialized for select parts of the Minecraft protocol where
|
||||
* ASCII characters are guaranteed to be used.
|
||||
*
|
||||
* @param buf the buffer to read from
|
||||
* @param cap the maximum size of the string, in UTF-8 character length
|
||||
* @return the decoded string
|
||||
*/
|
||||
public static String readAsciiString(ByteBuf buf, int cap) {
|
||||
int length = readVarInt(buf);
|
||||
checkFrame(length >= 0, "Got a negative-length string (%s)", length);
|
||||
checkFrame(length <= cap, "Bad string size (got %s, maximum is %s)", length, cap);
|
||||
String str = buf.toString(buf.readerIndex(), length, StandardCharsets.US_ASCII);
|
||||
buf.skipBytes(length);
|
||||
return str;
|
||||
}
|
||||
|
||||
private static String readString(ByteBuf buf, int cap, int length) {
|
||||
checkFrame(length >= 0, "Got a negative-length string (%s)", length);
|
||||
// `cap` is interpreted as a UTF-8 character length. To cover the full Unicode plane, we must
|
||||
|
@ -1,13 +1,19 @@
|
||||
package com.velocitypowered.proxy.protocol.packet;
|
||||
|
||||
import static com.velocitypowered.proxy.connection.forge.legacy.LegacyForgeConstants.HANDSHAKE_HOSTNAME_TOKEN;
|
||||
|
||||
import com.velocitypowered.api.network.ProtocolVersion;
|
||||
import com.velocitypowered.proxy.connection.MinecraftSessionHandler;
|
||||
import com.velocitypowered.proxy.connection.forge.legacy.LegacyForgeConstants;
|
||||
import com.velocitypowered.proxy.protocol.MinecraftPacket;
|
||||
import com.velocitypowered.proxy.protocol.ProtocolUtils;
|
||||
import io.netty.buffer.ByteBuf;
|
||||
|
||||
public class Handshake implements MinecraftPacket {
|
||||
|
||||
// This size was chosen to ensure Forge clients can still connect even with very long hostnames.
|
||||
// While DNS technically allows any character to be used, in practice ASCII is used.
|
||||
private static final int MAXIMUM_HOSTNAME_LENGTH = 255 + HANDSHAKE_HOSTNAME_TOKEN.length() + 1;
|
||||
private ProtocolVersion protocolVersion;
|
||||
private String serverAddress = "";
|
||||
private int port;
|
||||
@ -59,7 +65,7 @@ public class Handshake implements MinecraftPacket {
|
||||
public void decode(ByteBuf buf, ProtocolUtils.Direction direction, ProtocolVersion ignored) {
|
||||
int realProtocolVersion = ProtocolUtils.readVarInt(buf);
|
||||
this.protocolVersion = ProtocolVersion.getProtocolVersion(realProtocolVersion);
|
||||
this.serverAddress = ProtocolUtils.readString(buf);
|
||||
this.serverAddress = ProtocolUtils.readAsciiString(buf, MAXIMUM_HOSTNAME_LENGTH);
|
||||
this.port = buf.readUnsignedShort();
|
||||
this.nextStatus = ProtocolUtils.readVarInt(buf);
|
||||
}
|
||||
|
Laden…
In neuem Issue referenzieren
Einen Benutzer sperren