mirror of
https://github.com/PaperMC/Paper.git
synced 2025-01-04 02:01:44 +01:00
d8847bc1f3
Upstream has released updates that appear to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: fde5602a PR-927: Add PlayerRecipeBookSettingsChangeEvent 949ff217 PR-930: Add methods to get/set evoker fang attack delay f6f7c79d SPIGOT-7514, PR-929: Add "Enchantment Roll" API to enchant items according to Minecraft mechanics d40e22da PR-712: Add API to get full result of crafting items CraftBukkit Changes: c8feb0629 PR-1291: Improve precondition message in Entity#playEffect 482c56a00 PR-1285: Add PlayerRecipeBookSettingsChangeEvent cdf798800 PR-1290: Add methods to get/set evoker fang attack delay 2c1b5f78f SPIGOT-7514, PR-1289: Add "Enchantment Roll" API to enchant items according to Minecraft mechanics 6aa644ae9 PR-992: Add API to get full result of crafting items ffb1319bc PR-1287: Fix scoreboards not updating in Player#setStatistic
26 lines
1.9 KiB
Diff
26 lines
1.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Aikar <aikar@aikar.co>
|
|
Date: Sat, 2 May 2020 03:09:46 -0400
|
|
Subject: [PATCH] Validate PickItem Packet and kick for invalid
|
|
|
|
|
|
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
index 93b1e0b287d195181cb2253b3490ed537efa6b8e..c06ce8822891e7d2a8fa2b649b02555ce6e3373c 100644
|
|
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
@@ -867,7 +867,14 @@ public class ServerGamePacketListenerImpl extends ServerCommonPacketListenerImpl
|
|
@Override
|
|
public void handlePickItem(ServerboundPickItemPacket packet) {
|
|
PacketUtils.ensureRunningOnSameThread(packet, this, this.player.serverLevel());
|
|
- this.player.getInventory().pickSlot(packet.getSlot());
|
|
+ // Paper start - validate pick item position
|
|
+ if (!(packet.getSlot() >= 0 && packet.getSlot() < this.player.getInventory().items.size())) {
|
|
+ ServerGamePacketListenerImpl.LOGGER.warn("{} tried to set an invalid carried item", this.player.getName().getString());
|
|
+ this.disconnect("Invalid hotbar selection (Hacking?)");
|
|
+ return;
|
|
+ }
|
|
+ this.player.getInventory().pickSlot(packet.getSlot()); // Paper - Diff above if changed
|
|
+ // Paper end
|
|
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, this.player.getInventory().selected, this.player.getInventory().getItem(this.player.getInventory().selected)));
|
|
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, packet.getSlot(), this.player.getInventory().getItem(packet.getSlot())));
|
|
this.player.connection.send(new ClientboundSetCarriedItemPacket(this.player.getInventory().selected));
|