From fc9ee90fc543adbbe1641cc722b0b2d4b800f668 Mon Sep 17 00:00:00 2001 From: Thinkofname Date: Mon, 28 Mar 2016 21:19:05 +0100 Subject: Limit the length of byte arrays --- nms-patches/PacketDataSerializer.patch | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'nms-patches/PacketDataSerializer.patch') diff --git a/nms-patches/PacketDataSerializer.patch b/nms-patches/PacketDataSerializer.patch index 3208a310..010ab302 100644 --- a/nms-patches/PacketDataSerializer.patch +++ b/nms-patches/PacketDataSerializer.patch @@ -9,7 +9,25 @@ public class PacketDataSerializer extends ByteBuf { private final ByteBuf a; -@@ -99,7 +101,7 @@ +@@ -44,8 +46,16 @@ + return this; + } + ++ // CraftBukkit start - limit length + public byte[] a() { +- byte[] abyte = new byte[this.g()]; ++ return readByteArray(Short.MAX_VALUE); ++ } ++ ++ public byte[] readByteArray(int limit) { ++ int len = this.g(); ++ if (len > limit) throw new DecoderException("The received a byte array longer than allowed " + len + " > " + limit); ++ byte[] abyte = new byte[len]; ++ // CraftBukkit end + + this.readBytes(abyte); + return abyte; +@@ -99,7 +109,7 @@ } public > T a(Class oclass) { @@ -18,7 +36,7 @@ } public PacketDataSerializer a(Enum oenum) { -@@ -176,7 +178,7 @@ +@@ -176,7 +186,7 @@ } else { try { NBTCompressedStreamTools.a(nbttagcompound, (DataOutput) (new ByteBufOutputStream(this))); @@ -27,7 +45,7 @@ throw new EncoderException(ioexception); } } -@@ -202,7 +204,7 @@ +@@ -202,7 +212,7 @@ } public PacketDataSerializer a(ItemStack itemstack) { @@ -36,7 +54,7 @@ this.writeShort(-1); } else { this.writeShort(Item.getId(itemstack.getItem())); -@@ -230,6 +232,11 @@ +@@ -230,6 +240,11 @@ itemstack = new ItemStack(Item.getById(short0), b0, short1); itemstack.setTag(this.j()); -- cgit v1.2.3