PaperMC/patches/server/1054-Validate-ResourceLocation-in-NBT-reading.patch

94 lines
6.2 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Nassim Jahnke <nassim@njahnke.dev>
Date: Thu, 4 Jan 2024 13:49:14 +0100
Subject: [PATCH] Validate ResourceLocation in NBT reading
diff --git a/src/main/java/net/minecraft/nbt/NbtUtils.java b/src/main/java/net/minecraft/nbt/NbtUtils.java
index 18fad4f083862ace2bc56579883f548f6d697091..8e68a094a22243f3e84110ddf81136219ac1de7c 100644
--- a/src/main/java/net/minecraft/nbt/NbtUtils.java
+++ b/src/main/java/net/minecraft/nbt/NbtUtils.java
@@ -230,8 +230,10 @@ public final class NbtUtils {
if (!nbt.contains("Name", 8)) {
return Blocks.AIR.defaultBlockState();
} else {
- ResourceLocation resourceLocation = new ResourceLocation(nbt.getString("Name"));
- Optional<? extends Holder<Block>> optional = blockLookup.get(ResourceKey.create(Registries.BLOCK, resourceLocation));
+ // Paper start - Validate resource location
+ ResourceLocation resourceLocation = ResourceLocation.tryParse(nbt.getString("Name"));
+ Optional<? extends Holder<Block>> optional = resourceLocation != null ? blockLookup.get(ResourceKey.create(Registries.BLOCK, resourceLocation)) : Optional.empty();
+ // Paper end - Validate resource location
if (optional.isEmpty()) {
return Blocks.AIR.defaultBlockState();
} else {
diff --git a/src/main/java/net/minecraft/resources/ResourceLocation.java b/src/main/java/net/minecraft/resources/ResourceLocation.java
index 38e2a8cec48bc779b8154d6d719031f457a2403e..4379090b74d156b62b88163a234c22e78454f5e4 100644
--- a/src/main/java/net/minecraft/resources/ResourceLocation.java
+++ b/src/main/java/net/minecraft/resources/ResourceLocation.java
@@ -31,6 +31,13 @@ public class ResourceLocation implements Comparable<ResourceLocation> {
private final String path;
protected ResourceLocation(String namespace, String path, @Nullable ResourceLocation.Dummy extraData) {
+ // Paper start - Validate ResourceLocation
+ // Check for the max network string length (capped at Short.MAX_VALUE) as well as the max bytes of a StringTag (length written as an unsigned short)
+ final String resourceLocation = namespace + ":" + path;
+ if (resourceLocation.length() > Short.MAX_VALUE || io.netty.buffer.ByteBufUtil.utf8MaxBytes(resourceLocation) > 2 * Short.MAX_VALUE + 1) {
+ throw new ResourceLocationException("Resource location too long: " + resourceLocation);
+ }
+ // Paper end - Validate ResourceLocation
this.namespace = namespace;
this.path = path;
}
diff --git a/src/main/java/net/minecraft/world/entity/EntityType.java b/src/main/java/net/minecraft/world/entity/EntityType.java
Updated Upstream (Bukkit/CraftBukkit/Spigot) (#10164) Upstream has released updates that appear to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: 63c208dd Remove no longer used import 70be76c7 PR-958: Further clarify deprecation of TAG_CONTAINER_ARRAY ae21f4ac PR-955: Add methods to place structures with block/entity transformers e3d960f2 SPIGOT-7547: Remark that Damageable#setAbsorptionAmount() is capped to a specific value b125516c Fix typo in RecipeChoice.ExactChoice docs 309497c1 Add EntityMountEvent and EntityDismount Event 2fd45ae3 Improve ItemFactory#enchantItem consistency 2b198268 PR-933: Define native persistent data types for lists CraftBukkit Changes: 771182f70 PR-1327: Add methods to place structures with block/entity transformers e41ad4c82 SPIGOT-7567: SpawnReason for SNOWMAN is reported as BUILD_IRONGOLEM 76931e8bd Add EntityMountEvent and EntityDismount Event 9b29b21c7 PR-1183: Better handle lambda expression and renaming of classes in Commodore 1462ebe85 Reformat Commodore.java 9fde4c037 PR-1324: Improve ItemFactory#enchantItem consistency 4e419c774 PR-1295: Define native persistent data types for lists dd8cca388 SPIGOT-7562: Fix Score#getScore and Score#isScoreSet 690278200 Only fetch an online UUID in online mode 1da8d9a53 Fire PreLogin events even in offline mode 2e88514ad PR-1325: Use CraftBlockType and CraftItemType instead of CraftMagicNumbers to convert between minecraft and bukkit block / item representation Spigot Changes: 864e4acc Restore accidentally removed package-info.java f91a10d5 Remove obsolete EntityMountEvent and EntityDismountEvent 828f0593 SPIGOT-7558: Deprecate silenceable lightning API as sound is now client-side and cannot be removed cdc4e035 Remove obsolete patch fetching correct mode UUIDs 49e36b8e Merge related BungeeCord patches 6e87b9ab Remove obsolete firing of PreLogin events in offline mode 5c76b183 Remove redundant patch dealing with exceptions in the crash reporter 3a2219d1 Remove redundant patch logging cause of unexpected exception
2024-01-14 10:46:04 +01:00
index abb2a02e0fc1deedb0ad76aec64f74ce355129cc..4bede2ca556a3bbcfbde9709c8415c9ea94383de 100644
--- a/src/main/java/net/minecraft/world/entity/EntityType.java
+++ b/src/main/java/net/minecraft/world/entity/EntityType.java
@@ -618,7 +618,7 @@ public class EntityType<T extends Entity> implements FeatureElement, EntityTypeT
}
public static Optional<EntityType<?>> by(CompoundTag nbt) {
- return BuiltInRegistries.ENTITY_TYPE.getOptional(new ResourceLocation(nbt.getString("id")));
+ return BuiltInRegistries.ENTITY_TYPE.getOptional(ResourceLocation.tryParse(nbt.getString("id"))); // Paper - Validate ResourceLocation
}
@Nullable
diff --git a/src/main/java/net/minecraft/world/entity/Mob.java b/src/main/java/net/minecraft/world/entity/Mob.java
Updated Upstream (Bukkit/CraftBukkit/Spigot) (#10164) Upstream has released updates that appear to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: 63c208dd Remove no longer used import 70be76c7 PR-958: Further clarify deprecation of TAG_CONTAINER_ARRAY ae21f4ac PR-955: Add methods to place structures with block/entity transformers e3d960f2 SPIGOT-7547: Remark that Damageable#setAbsorptionAmount() is capped to a specific value b125516c Fix typo in RecipeChoice.ExactChoice docs 309497c1 Add EntityMountEvent and EntityDismount Event 2fd45ae3 Improve ItemFactory#enchantItem consistency 2b198268 PR-933: Define native persistent data types for lists CraftBukkit Changes: 771182f70 PR-1327: Add methods to place structures with block/entity transformers e41ad4c82 SPIGOT-7567: SpawnReason for SNOWMAN is reported as BUILD_IRONGOLEM 76931e8bd Add EntityMountEvent and EntityDismount Event 9b29b21c7 PR-1183: Better handle lambda expression and renaming of classes in Commodore 1462ebe85 Reformat Commodore.java 9fde4c037 PR-1324: Improve ItemFactory#enchantItem consistency 4e419c774 PR-1295: Define native persistent data types for lists dd8cca388 SPIGOT-7562: Fix Score#getScore and Score#isScoreSet 690278200 Only fetch an online UUID in online mode 1da8d9a53 Fire PreLogin events even in offline mode 2e88514ad PR-1325: Use CraftBlockType and CraftItemType instead of CraftMagicNumbers to convert between minecraft and bukkit block / item representation Spigot Changes: 864e4acc Restore accidentally removed package-info.java f91a10d5 Remove obsolete EntityMountEvent and EntityDismountEvent 828f0593 SPIGOT-7558: Deprecate silenceable lightning API as sound is now client-side and cannot be removed cdc4e035 Remove obsolete patch fetching correct mode UUIDs 49e36b8e Merge related BungeeCord patches 6e87b9ab Remove obsolete firing of PreLogin events in offline mode 5c76b183 Remove redundant patch dealing with exceptions in the crash reporter 3a2219d1 Remove redundant patch logging cause of unexpected exception
2024-01-14 10:46:04 +01:00
index 42e2be9286b75a1d34845f303ffc65e96fdd5416..0b5334004b9d0489e8465824870662b467ce321b 100644
--- a/src/main/java/net/minecraft/world/entity/Mob.java
+++ b/src/main/java/net/minecraft/world/entity/Mob.java
@@ -620,7 +620,7 @@ public abstract class Mob extends LivingEntity implements Targeting {
this.setLeftHanded(nbt.getBoolean("LeftHanded"));
if (nbt.contains("DeathLootTable", 8)) {
- this.lootTable = new ResourceLocation(nbt.getString("DeathLootTable"));
+ this.lootTable = ResourceLocation.tryParse(nbt.getString("DeathLootTable")); // Paper - Validate ResourceLocation
this.lootTableSeed = nbt.getLong("DeathLootTableSeed");
}
diff --git a/src/main/java/net/minecraft/world/entity/projectile/AbstractArrow.java b/src/main/java/net/minecraft/world/entity/projectile/AbstractArrow.java
index 42ebd91196ae420eee57f4380abc558555457163..b61a367048c3d6dfef187fef35a5dc7471f891d0 100644
--- a/src/main/java/net/minecraft/world/entity/projectile/AbstractArrow.java
+++ b/src/main/java/net/minecraft/world/entity/projectile/AbstractArrow.java
@@ -560,7 +560,7 @@ public abstract class AbstractArrow extends Projectile {
this.setCritArrow(nbt.getBoolean("crit"));
this.setPierceLevel(nbt.getByte("PierceLevel"));
if (nbt.contains("SoundEvent", 8)) {
- this.soundEvent = (SoundEvent) BuiltInRegistries.SOUND_EVENT.getOptional(new ResourceLocation(nbt.getString("SoundEvent"))).orElse(this.getDefaultHitGroundSoundEvent());
+ this.soundEvent = (SoundEvent) BuiltInRegistries.SOUND_EVENT.getOptional(ResourceLocation.tryParse(nbt.getString("SoundEvent"))).orElse(this.getDefaultHitGroundSoundEvent()); // Paper - Validate resource location
}
this.setShotFromCrossbow(nbt.getBoolean("ShotFromCrossbow"));
diff --git a/src/main/java/net/minecraft/world/entity/vehicle/ContainerEntity.java b/src/main/java/net/minecraft/world/entity/vehicle/ContainerEntity.java
index 7529751afa2932fd16bc4591189b0358268a7b14..e2e1c7a017e82dc7299e5cd1783818e4f0319c0b 100644
--- a/src/main/java/net/minecraft/world/entity/vehicle/ContainerEntity.java
+++ b/src/main/java/net/minecraft/world/entity/vehicle/ContainerEntity.java
@@ -67,7 +67,7 @@ public interface ContainerEntity extends Container, MenuProvider {
default void readChestVehicleSaveData(CompoundTag nbt) {
this.clearItemStacks();
if (nbt.contains("LootTable", 8)) {
- this.setLootTable(new ResourceLocation(nbt.getString("LootTable")));
+ this.setLootTable(ResourceLocation.tryParse(nbt.getString("LootTable"))); // Paper - Validate ResourceLocation
this.setLootTableSeed(nbt.getLong("LootTableSeed"));
}