c0d07c1b67
Upstream has released updates that appears to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: f009c3dd SPIGOT-5810, SPIGOT-5835: 'Better' handling of Player.isOnGround e677c370 Update ECJ version 5058a35d SPIGOT-5860: Item.setItemStack should be NotNull CraftBukkit Changes:d77f4d9b
SPIGOT-5810, SPIGOT-5835: 'Better' handling of Player.isOnGround53c95627
SPIGOT-5865: Piglin does not trigger EntityPickupItemEvent2ab04d24
Update ECJ version7884e079
SPIGOT-5868: Blocks do not tick in custom nether / end2a848286
SPIGOT-5863: Don't check colour in scoreboard length validationf2cbce30
SPIGOT-5866: Beehive unknown TargetReason Spigot Changes: ad703da0 SPIGOT-5870: /plugins "website" field shows "version" 1a27cfd8 #98: Improve output of /plugins command using text components 732d5bab Disable checkstyle in Spigot blocks 0199a9a6 #97: Add Memory Usage to Ticks Per Second Command. 33ea98fc SPIGOT-5858: NPE: Joining the server with an invalid dimension
27 Zeilen
1.8 KiB
Diff
27 Zeilen
1.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Aikar <aikar@aikar.co>
|
|
Date: Sat, 2 May 2020 03:09:46 -0400
|
|
Subject: [PATCH] Validate PickItem Packet and kick for invalid
|
|
|
|
|
|
diff --git a/src/main/java/net/minecraft/server/PlayerConnection.java b/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
index 26f659d0ab20bbe365419e8ff38214926e039e2a..93536306c39c1ee574d45f39e8e40df3540c6e51 100644
|
|
--- a/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
+++ b/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
@@ -697,7 +697,14 @@ public class PlayerConnection implements PacketListenerPlayIn {
|
|
@Override
|
|
public void a(PacketPlayInPickItem packetplayinpickitem) {
|
|
PlayerConnectionUtils.ensureMainThread(packetplayinpickitem, this, this.player.getWorldServer());
|
|
- this.player.inventory.c(packetplayinpickitem.b());
|
|
+ // Paper start - validate pick item position
|
|
+ if (!(packetplayinpickitem.b() >= 0 && packetplayinpickitem.b() < this.player.inventory.items.size())) {
|
|
+ PlayerConnection.LOGGER.warn("{} tried to set an invalid carried item", this.player.getDisplayName().getString());
|
|
+ this.disconnect("Invalid hotbar selection (Hacking?)");
|
|
+ return;
|
|
+ }
|
|
+ this.player.inventory.c(packetplayinpickitem.b()); // Paper - Diff above if changed
|
|
+ // Paper end
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutSetSlot(-2, this.player.inventory.itemInHandIndex, this.player.inventory.getItem(this.player.inventory.itemInHandIndex)));
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutSetSlot(-2, packetplayinpickitem.b(), this.player.inventory.getItem(packetplayinpickitem.b())));
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutHeldItemSlot(this.player.inventory.itemInHandIndex));
|