OpenSource/PaperMC
OpenSource/PaperMC
1
0
Fork 0
mirror of https://github.com/PaperMC/Paper.git synced 2024-12-01 12:41:50 +01:00
Code Issues Projects Releases Packages Wiki Activity

Less strict skull validation

Browse source 
Fixes GH-367
This commit is contained in:
Zach Brown 2016-07-18 18:07:48 -05:00
parent 7e0446431d
commit 11fabc9552
No known key found for this signature in database
GPG key ID: CC9DA35FC5450B76
3 changed files with 48 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Spigot-Server-Patches/0151-Avoid-blocking-on-Network-Manager-creation.patch
View file

@ -1,4 +1,4 @@
From a4a3433307cd3424707cde90eb7446217e0c4426 Mon Sep 17 00:00:00 2001 From c3d43cd0b8770d66971b7b80430b67b1694bb7a1 Mon Sep 17 00:00:00 2001
From: Aikar <aikar@aikar.co> From: Aikar <aikar@aikar.co>
Date: Mon, 16 May 2016 23:19:16 -0400 Date: Mon, 16 May 2016 23:19:16 -0400
Subject: [PATCH] Avoid blocking on Network Manager creation Subject: [PATCH] Avoid blocking on Network Manager creation
@ -45,5 +45,5 @@ index 5b0488a..25867be 100644
if ( org.spigotmc.SpigotConfig.playerShuffle > 0 && MinecraftServer.currentTick % org.spigotmc.SpigotConfig.playerShuffle == 0 ) if ( org.spigotmc.SpigotConfig.playerShuffle > 0 && MinecraftServer.currentTick % org.spigotmc.SpigotConfig.playerShuffle == 0 )
{ {
-- --
2.9.0 2.9.2.windows.1

4
Spigot-Server-Patches/0153-Faster-redstone-torch-rapid-clock-removal.patch
View file

@ -1,4 +1,4 @@
From 9bd888b23873214255d8a861baed7f37031c2573 Mon Sep 17 00:00:00 2001 From 0191195532931d25a610e0e46ef734c235ed3a24 Mon Sep 17 00:00:00 2001
From: Martin Panzer <postremus1996@googlemail.com> From: Martin Panzer <postremus1996@googlemail.com>
Date: Mon, 23 May 2016 12:12:37 +0200 Date: Mon, 23 May 2016 12:12:37 +0200
Subject: [PATCH] Faster redstone torch rapid clock removal Subject: [PATCH] Faster redstone torch rapid clock removal
@ -39,5 +39,5 @@ index 7866bd9..606f982 100644
public RedstoneUpdateInfo(BlockPosition blockposition, long i) { public RedstoneUpdateInfo(BlockPosition blockposition, long i) {
this.a = blockposition; this.a = blockposition;
-- --
2.9.0 2.9.2.windows.1

44
Spigot-Server-Patches/0166-Less-strict-skull-validation.patch Normal file
View file

@ -0,0 +1,44 @@
From bbf37c133d002558a9e031cf699579d96ded9e3c Mon Sep 17 00:00:00 2001
From: Zach Brown <zach.brown@destroystokyo.com>
Date: Mon, 18 Jul 2016 17:57:36 -0500
Subject: [PATCH] Less strict skull validation
Spigot's solution removes all unsigned skins from Skulls. While this does work to achieve its original goal, it is often
overzealous and removes many plugin created and other skulls. We can be more specific in our checks to avoid this.
This does technically reveal how the exploit works, however given that it already appears to be well-known throughout
malicious communities, and the current solution breaks legitimate skulls, we don't feel particularly bad about it this
time.
diff --git a/src/main/java/net/minecraft/server/ItemSkull.java b/src/main/java/net/minecraft/server/ItemSkull.java
index 4a9cb67..b2af87a 100644
--- a/src/main/java/net/minecraft/server/ItemSkull.java
+++ b/src/main/java/net/minecraft/server/ItemSkull.java
@@ -135,11 +135,24 @@ public class ItemSkull extends Item {
boolean valid = true;
NBTTagList textures = nbttagcompound.getCompound("SkullOwner").getCompound("Properties").getList("textures", 10); // Safe due to method contracts
+ // Paper start - Less strict validation
+ for (NBTBase texture : textures.list) {
+ if (texture instanceof NBTTagCompound && !((NBTTagCompound) texture).hasKeyOfType("Signature", 8)) {
+ if (((NBTTagCompound) texture).getString("Value").trim().length() > 0) {
+ continue;
+ }
+
+ valid = false;
+ }
+ }
+ /*
for (int i = 0; i < textures.size(); i++) {
if (textures.get(i) instanceof NBTTagCompound && !((NBTTagCompound) textures.get(i)).hasKeyOfType("Signature", 8)) {
valid = false;
}
}
+ */
+ // Paper end
if (!valid) {
nbttagcompound.remove("SkullOwner");
--
2.9.2.windows.1