ab347c4c96
Upstream has released updates that appears to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: 42d5a714 SPIGOT-5899: Hoglins API similar to Piglins 2c1ee10e SPIGOT-5887: ClickType doesn't include off hand swaps 5ff7c7ce SPIGOT-5886: Missing BlockData CraftBukkit Changes:7560f5f5
SPIGOT-5905: Fix hex colours not being allowed in MOTDd47c47ee
SPIGOT-5889: Villager using composter should call EntityChangeBlockEvent2fe6b4a3
SPIGOT-5899: Hoglins API similar to Piglinse09dbeca
SPIGOT-5887: ClickType doesn't include off hand swaps23aac2a5
SPIGOT-5903: EntityDismountEvent cannot be triggered asynchronously92cbf656
SPIGOT-5884: Tab completions lost on reloadData / minecraft:reloadfb4e54ad
SPIGOT-5902: PlayerRespawnEvent places player at spawn before event is calledaa8f3d5a
SPIGOT-5901: Structures are generated in all worlds based on the setting for the main worlda0c35937
SPIGOT-5895: PlayerChangedWorldEvent#getFrom is incorrect89c0a5c3
SPIGOT-5886: Missing BlockData Spigot Changes: 0287a20d SPIGOT-5903: EntityDismountEvent cannot be triggered asynchronously
27 Zeilen
1.8 KiB
Diff
27 Zeilen
1.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Aikar <aikar@aikar.co>
|
|
Date: Sat, 2 May 2020 03:09:46 -0400
|
|
Subject: [PATCH] Validate PickItem Packet and kick for invalid
|
|
|
|
|
|
diff --git a/src/main/java/net/minecraft/server/PlayerConnection.java b/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
index daa066cbec8097b86f8b3c564e8134607e57b3cd..0ece15a8457debc7d8343c894b060e81be845488 100644
|
|
--- a/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
+++ b/src/main/java/net/minecraft/server/PlayerConnection.java
|
|
@@ -697,7 +697,14 @@ public class PlayerConnection implements PacketListenerPlayIn {
|
|
@Override
|
|
public void a(PacketPlayInPickItem packetplayinpickitem) {
|
|
PlayerConnectionUtils.ensureMainThread(packetplayinpickitem, this, this.player.getWorldServer());
|
|
- this.player.inventory.c(packetplayinpickitem.b());
|
|
+ // Paper start - validate pick item position
|
|
+ if (!(packetplayinpickitem.b() >= 0 && packetplayinpickitem.b() < this.player.inventory.items.size())) {
|
|
+ PlayerConnection.LOGGER.warn("{} tried to set an invalid carried item", this.player.getDisplayName().getString());
|
|
+ this.disconnect("Invalid hotbar selection (Hacking?)");
|
|
+ return;
|
|
+ }
|
|
+ this.player.inventory.c(packetplayinpickitem.b()); // Paper - Diff above if changed
|
|
+ // Paper end
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutSetSlot(-2, this.player.inventory.itemInHandIndex, this.player.inventory.getItem(this.player.inventory.itemInHandIndex)));
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutSetSlot(-2, packetplayinpickitem.b(), this.player.inventory.getItem(packetplayinpickitem.b())));
|
|
this.player.playerConnection.sendPacket(new PacketPlayOutHeldItemSlot(this.player.inventory.itemInHandIndex));
|