papermc/patches/server/0352-Validate-PickItem-Packet-and-kick-for-invalid.patch
Nassim Jahnke 4bc15f13aa
Updated Upstream (Bukkit/CraftBukkit)
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
e2160a18 Make MapCursor#type not depends on deprecated values

CraftBukkit Changes:
6ce172642 SPIGOT-7761: Ender pearl does not damage or spawn endermites
f5a63f734 SPIGOT-7759: Chunk not there when requested in ChunkUnloadEvent
28287259c Remove unused import
eb9a7dde0 SPIGOT-7757: Cannot set item in Stonecutter Inventory
f8be9d752 Move deserialized removed unhandled tags to dedicated removedTags
a7e576186 Fix potential mutability issue with CraftMetaItem copy constructor
995885452 SPIGOT-7741: Vanilla ItemComponent in commands can't remove components
9ef69aa0b PR-1284: Move ItemType <-> ItemMeta linking to a centralized place
3e82eafbe PR-1420: Fix DirectEntity and CausingEntity Damager for Creepers ignited by Player
c23daa71f SPIGOT-7751: Fix crash caused by arrows from trial spawners
Make MapCursor#type not depends on deprecated values
SPIGOT-7761: Ender pearl does not damage or spawn endermites
2024-06-15 18:31:58 +02:00

26 lines
1.9 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Aikar <aikar@aikar.co>
Date: Sat, 2 May 2020 03:09:46 -0400
Subject: [PATCH] Validate PickItem Packet and kick for invalid
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
index 39e273ada6225a4a5deb4830185a957e4ae9ab0d..9ca934b6f24d6a8d5e32f6c4cf728bee4b3f3e36 100644
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
@@ -895,7 +895,14 @@ public class ServerGamePacketListenerImpl extends ServerCommonPacketListenerImpl
@Override
public void handlePickItem(ServerboundPickItemPacket packet) {
PacketUtils.ensureRunningOnSameThread(packet, this, this.player.serverLevel());
- this.player.getInventory().pickSlot(packet.getSlot());
+ // Paper start - validate pick item position
+ if (!(packet.getSlot() >= 0 && packet.getSlot() < this.player.getInventory().items.size())) {
+ ServerGamePacketListenerImpl.LOGGER.warn("{} tried to set an invalid carried item", this.player.getName().getString());
+ this.disconnect(Component.literal("Invalid hotbar selection (Hacking?)"));
+ return;
+ }
+ this.player.getInventory().pickSlot(packet.getSlot()); // Paper - Diff above if changed
+ // Paper end - validate pick item position
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, this.player.getInventory().selected, this.player.getInventory().getItem(this.player.getInventory().selected)));
this.player.connection.send(new ClientboundContainerSetSlotPacket(-2, 0, packet.getSlot(), this.player.getInventory().getItem(packet.getSlot())));
this.player.connection.send(new ClientboundSetCarriedItemPacket(this.player.getInventory().selected));