papermc/patches/server/0406-Validate-PickItem-Packet-and-kick-for-invalid.patch
Nassim Jahnke ef0e5a642d
Updated Upstream (Bukkit/CraftBukkit/Spigot)
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
9ae3f10f SPIGOT-3842: Add Player#fireworkBoost() and expand Firework API
48c0c547 PR-786: Add methods to get sounds from entities

CraftBukkit Changes:
5cc9c022a SPIGOT-7152: Handle hand item changing during air interact event
4ffa1acf6 SPIGOT-7154: Players get kicked when interacting with a conversation
4daa21123 SPIGOT-3842: Add Player#fireworkBoost() and expand Firework API
e5d6a9bbf PR-1100: Add methods to get sounds from entities
b7e9f1c8b SPIGOT-7146: Reduce use of Material switch in ItemMeta

Spigot Changes:
4c157bb4 Rebuild patches
2022-09-12 13:31:45 +02:00

26 lines
1.9 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Aikar <aikar@aikar.co>
Date: Sat, 2 May 2020 03:09:46 -0400
Subject: [PATCH] Validate PickItem Packet and kick for invalid
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
index fe722106e20e199eb914a09f8dbc1409e27f1d69..77cc62cc942687a40371741904525301a4ed5240 100644
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
@@ -967,7 +967,14 @@ public class ServerGamePacketListenerImpl implements ServerPlayerConnection, Tic
@Override
public void handlePickItem(ServerboundPickItemPacket packet) {
PacketUtils.ensureRunningOnSameThread(packet, this, this.player.getLevel());
- this.player.getInventory().pickSlot(packet.getSlot());
+ // Paper start - validate pick item position
+ if (!(packet.getSlot() >= 0 && packet.getSlot() < this.player.getInventory().items.size())) {
+ ServerGamePacketListenerImpl.LOGGER.warn("{} tried to set an invalid carried item", this.player.getName().getString());
+ this.disconnect("Invalid hotbar selection (Hacking?)");
+ return;
+ }
+ this.player.getInventory().pickSlot(packet.getSlot()); // Paper - Diff above if changed
+ // Paper end
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, this.player.getInventory().selected, this.player.getInventory().getItem(this.player.getInventory().selected)));
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, packet.getSlot(), this.player.getInventory().getItem(packet.getSlot())));
this.player.connection.send(new ClientboundSetCarriedItemPacket(this.player.getInventory().selected));