Add validation to player profile and properties (#10680)
This commit is contained in:
Nassim Jahnke
GitHub
parent
8748ae16ac
commit
7f1a154d15
11 changed files with 86 additions and 37 deletions
|
|
@ -271,3 +271,40 @@ index 3f309c255097f6778854d710a5a045fa960a953f..c318552a2ac2710cea01ac449a469a0f
|
|||
+ // Paper end
|
||||
+
|
||||
}
|
||||
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
index 358af0121ce3d87a9f51da2bae0699034c1560b4..44174c5a7b255af489c1e4bf589299e6bdbb90a3 100644
|
||||
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
@@ -37,6 +37,16 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
boolean isValidSkullProfile = (gameProfile.getName() != null)
|
||||
|| gameProfile.getProperties().containsKey(CraftPlayerTextures.PROPERTY_NAME);
|
||||
Preconditions.checkArgument(isValidSkullProfile, "The skull profile is missing a name or textures!");
|
||||
+ // Paper start - Validate
|
||||
+ Preconditions.checkArgument(gameProfile.getName().length() <= 16, "The name of the profile is longer than 16 characters");
|
||||
+ final PropertyMap properties = gameProfile.getProperties();
|
||||
+ Preconditions.checkArgument(properties.size() <= 16, "The profile contains more than 16 properties");
|
||||
+ for (final Property property : properties.values()) {
|
||||
+ Preconditions.checkArgument(property.name().length() <= 64, "The name of a property is longer than 64 characters");
|
||||
+ Preconditions.checkArgument(property.value().length() <= Short.MAX_VALUE, "The value of a property is longer than 32767 characters");
|
||||
+ Preconditions.checkArgument(property.signature() == null || property.signature().length() <= 1024, "The signature of a property is longer than 1024 characters");
|
||||
+ }
|
||||
+ // Paper end - Validate
|
||||
return gameProfile;
|
||||
}
|
||||
|
||||
@@ -53,6 +63,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
|
||||
public CraftPlayerProfile(UUID uniqueId, String name) {
|
||||
Preconditions.checkArgument((uniqueId != null) || !StringUtils.isBlank(name), "uniqueId is null or name is blank");
|
||||
+ Preconditions.checkArgument(name == null || name.length() <= 16, "The name of the profile is longer than 16 characters"); // Paper - Validate
|
||||
this.uniqueId = (uniqueId == null) ? Util.NIL_UUID : uniqueId;
|
||||
this.name = (name == null) ? "" : name;
|
||||
}
|
||||
@@ -89,6 +100,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
// Assert: (property == null) || property.getName().equals(propertyName)
|
||||
this.removeProperty(propertyName);
|
||||
if (property != null) {
|
||||
+ Preconditions.checkArgument(this.properties.size() < 16, "The profile contains more than 16 properties"); // Paper - Validate
|
||||
this.properties.put(property.name(), property);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -63,10 +63,10 @@ index 6097e0ab387cfa4c2c9ab0389fc5bb6cd899ecc3..ebba6bc5b337d19e32be5a78294501ed
|
|||
|
||||
public static void clear() {
|
||||
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
index 358af0121ce3d87a9f51da2bae0699034c1560b4..edd340c66ea8cec1c76ba29f1deab14c4784a7e5 100644
|
||||
index 866f9d00669923ee01ac97399cd78b5ee58f950f..6f0edd4d1c473179c03253326a3c7b5910ec53ad 100644
|
||||
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
@@ -122,7 +122,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
@@ -134,7 +134,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
|
||||
@Override
|
||||
public CompletableFuture<PlayerProfile> update() {
|
||||
|
|
|
|||
|
|
@ -16,12 +16,13 @@ public org.bukkit.craftbukkit.profile.CraftPlayerProfile setProperty(Ljava/lang/
|
|||
|
||||
diff --git a/src/main/java/com/destroystokyo/paper/profile/CraftPlayerProfile.java b/src/main/java/com/destroystokyo/paper/profile/CraftPlayerProfile.java
|
||||
new file mode 100644
|
||||
index 0000000000000000000000000000000000000000..a750ec2cde2c6b3942806241b2d972cef57f3d44
|
||||
index 0000000000000000000000000000000000000000..72e232791efa2154c6c95d2158734a86480cb40d
|
||||
--- /dev/null
|
||||
+++ b/src/main/java/com/destroystokyo/paper/profile/CraftPlayerProfile.java
|
||||
@@ -0,0 +1,416 @@
|
||||
@@ -0,0 +1,420 @@
|
||||
+package com.destroystokyo.paper.profile;
|
||||
+
|
||||
+import com.google.common.base.Preconditions;
|
||||
+import com.mojang.authlib.yggdrasil.ProfileResult;
|
||||
+import io.papermc.paper.configuration.GlobalConfiguration;
|
||||
+import com.google.common.base.Charsets;
|
||||
|
|
@ -76,6 +77,8 @@ index 0000000000000000000000000000000000000000..a750ec2cde2c6b3942806241b2d972ce
|
|||
+ String name = property.getName();
|
||||
+ PropertyMap properties = profile.getProperties();
|
||||
+ properties.removeAll(name);
|
||||
+
|
||||
+ Preconditions.checkArgument(properties.size() < 16, "Cannot add more than 16 properties to a profile");
|
||||
+ properties.put(name, new Property(name, property.getValue(), property.getSignature()));
|
||||
+ }
|
||||
+
|
||||
|
|
@ -165,10 +168,10 @@ index 0000000000000000000000000000000000000000..a750ec2cde2c6b3942806241b2d972ce
|
|||
+ @Nullable
|
||||
+ @Override
|
||||
+ public void setProperty(@NotNull String propertyName, @Nullable Property property) {
|
||||
+ PropertyMap properties = profile.getProperties();
|
||||
+ properties.removeAll(propertyName);
|
||||
+ if (property != null) {
|
||||
+ properties.put(propertyName, property);
|
||||
+ this.setProperty(new ProfileProperty(propertyName, property.value(), property.signature()));
|
||||
+ } else {
|
||||
+ profile.getProperties().removeAll(propertyName);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
|
|
@ -288,6 +291,7 @@ index 0000000000000000000000000000000000000000..a750ec2cde2c6b3942806241b2d972ce
|
|||
+ }
|
||||
+
|
||||
+ private static GameProfile createAuthLibProfile(UUID uniqueId, String name) {
|
||||
+ Preconditions.checkArgument(name == null || name.length() <= 16, "Name cannot be longer than 16 characters");
|
||||
+ return new GameProfile(
|
||||
+ uniqueId != null ? uniqueId : Util.NIL_UUID,
|
||||
+ name != null ? name : ""
|
||||
|
|
@ -684,7 +688,7 @@ index f6012feafe1dbbf9c52ac38965d9475896766657..a7554f2028f93867360c27a51c9580a8
|
|||
// Paper end
|
||||
}
|
||||
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c714d0e052b 100644
|
||||
index 6f0edd4d1c473179c03253326a3c7b5910ec53ad..e3a244dac35bf4d5d10e41c200aaa7f93e278ef9 100644
|
||||
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
@@ -28,7 +28,7 @@ import org.bukkit.profile.PlayerProfile;
|
||||
|
|
@ -696,7 +700,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
|
|||
|
||||
@Nonnull
|
||||
public static GameProfile validateSkullProfile(@Nonnull GameProfile gameProfile) {
|
||||
@@ -93,8 +93,10 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
@@ -105,8 +105,10 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -709,7 +713,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
|
|||
}
|
||||
|
||||
void rebuildDirtyProperties() {
|
||||
@@ -237,6 +239,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
@@ -249,6 +251,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
|
||||
@Override
|
||||
public Map<String, Object> serialize() {
|
||||
|
|
@ -717,7 +721,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
|
|||
Map<String, Object> map = new LinkedHashMap<>();
|
||||
if (this.getUniqueId() != null) {
|
||||
map.put("uniqueId", this.getUniqueId().toString());
|
||||
@@ -252,10 +255,12 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
@@ -264,10 +267,12 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
});
|
||||
map.put("properties", propertiesData);
|
||||
}
|
||||
|
|
@ -730,7 +734,7 @@ index edd340c66ea8cec1c76ba29f1deab14c4784a7e5..6f779c6f4422c5b5dc22f66e3e702c71
|
|||
UUID uniqueId = ConfigSerializationUtil.getUuid(map, "uniqueId", true);
|
||||
String name = ConfigSerializationUtil.getString(map, "name", true);
|
||||
|
||||
@@ -269,7 +274,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
@@ -281,7 +286,7 @@ public final class CraftPlayerProfile implements PlayerProfile {
|
||||
profile.properties.put(property.name(), property);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -208,7 +208,7 @@ index 172202accf4448a933fcf1ff820316c7910dd7f7..50ee7656580d386db473c054f5c5ec57
|
|||
return null;
|
||||
}
|
||||
diff --git a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
||||
index 7c039d79b6fba3358daaaf8894e05d9493fa6af8..1c264135c34117407bfbb2d230e2ea1f9ebd0671 100644
|
||||
index 4603752c6ddb75b400afc48971523530fafe8623..5caf63605829e3df994ff22c4351234625d4dc24 100644
|
||||
--- a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
||||
+++ b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
||||
@@ -1733,23 +1733,23 @@ public class CraftPlayer extends CraftHumanEntity implements Player {
|
||||
|
|
@ -256,7 +256,7 @@ index 7c039d79b6fba3358daaaf8894e05d9493fa6af8..1c264135c34117407bfbb2d230e2ea1f
|
|||
}
|
||||
|
||||
diff --git a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d7a1302f6 100644
|
||||
index e3a244dac35bf4d5d10e41c200aaa7f93e278ef9..c7cd9081fa7e0b5e436e168515d051cd15a33706 100644
|
||||
--- a/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
+++ b/src/main/java/org/bukkit/craftbukkit/profile/CraftPlayerProfile.java
|
||||
@@ -28,7 +28,7 @@ import org.bukkit.profile.PlayerProfile;
|
||||
|
|
@ -268,7 +268,7 @@ index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d
|
|||
|
||||
@Nonnull
|
||||
public static GameProfile validateSkullProfile(@Nonnull GameProfile gameProfile) {
|
||||
@@ -123,7 +123,7 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
|
||||
@@ -135,7 +135,7 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -277,7 +277,7 @@ index 6f779c6f4422c5b5dc22f66e3e702c714d0e052b..41336821d4e0430e19f2fc021f09430d
|
|||
return CompletableFuture.supplyAsync(this::getUpdatedProfile, Util.PROFILE_EXECUTOR); // Paper - don't submit BLOCKING PROFILE LOOKUPS to the world gen thread
|
||||
}
|
||||
|
||||
@@ -277,4 +277,71 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
|
||||
@@ -289,4 +289,71 @@ public final class CraftPlayerProfile implements PlayerProfile, com.destroystoky
|
||||
// Paper - diff on change
|
||||
return profile;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue