PaperMC/patches/server/0380-Validate-PickItem-Packet-and-kick-for-invalid.patch
Jake Potrebic 3c0d6aaed9
Updated Upstream (Bukkit/CraftBukkit/Spigot) (#10085)
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
0c7aedbc SPIGOT-7554, PR-954: Add DecoratedPotInventory

CraftBukkit Changes:
53ebb05e3 SPIGOT-7554, PR-1323: Add DecoratedPotInventory
33a2d8773 Ensure that PlayerMoveEvent is always fired where applicable
7df18510f SPIGOT-7555: Don't cast ItemFlags to byte
19aec59ea Use provided case for non-existent OfflinePlayers

Spigot Changes:
e7ce55a3 Remove obsolete PlayerMoveEvent improvements
3e5e22c0 Remove obsolete lowercasing of non existent OfflinePlayer names
2023-12-28 12:47:57 -08:00


From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Aikar <aikar@aikar.co>
Date: Sat, 2 May 2020 03:09:46 -0400
Subject: [PATCH] Validate PickItem Packet and kick for invalid
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
index d8285ff999cfea9a7b62e9914a7a7dfdae2ede76..3b1127ac1e30c809d290192319f8bc5f9de30b46 100644
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
@@ -867,7 +867,14 @@ public class ServerGamePacketListenerImpl extends ServerCommonPacketListenerImpl
@Override
public void handlePickItem(ServerboundPickItemPacket packet) {
PacketUtils.ensureRunningOnSameThread(packet, this, this.player.serverLevel());
- this.player.getInventory().pickSlot(packet.getSlot());
+ // Paper start - validate pick item position
+ if (!(packet.getSlot() >= 0 && packet.getSlot() < this.player.getInventory().items.size())) {
+ ServerGamePacketListenerImpl.LOGGER.warn("{} tried to set an invalid carried item", this.player.getName().getString());
+ this.disconnect("Invalid hotbar selection (Hacking?)");
+ return;
+ }
+ this.player.getInventory().pickSlot(packet.getSlot()); // Paper - Diff above if changed
+ // Paper end
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, this.player.getInventory().selected, this.player.getInventory().getItem(this.player.getInventory().selected)));
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, packet.getSlot(), this.player.getInventory().getItem(packet.getSlot())));
this.player.connection.send(new ClientboundSetCarriedItemPacket(this.player.getInventory().selected));
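Review bot: The warning and the kick reason on the added lines describe a different action from the one being validated. This is the pick-item handler and the bound is the whole `items` list, yet the log says "tried to set an invalid carried item", the client is told "Invalid hotbar selection", and neither records the rejected value. For triage it helps to name the packet and log the slot, for example `ServerGamePacketListenerImpl.LOGGER.warn("{} sent a pick item packet with invalid slot {}", this.player.getName().getString(), packet.getSlot());`. Reading `packet.getSlot()` once into a local (`final int slot = packet.getSlot();`) would also make it obvious that the range check and the later `pickSlot`/`getItem` calls use the same value. The body of handlePickItem continues past the end of this hunk.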