TotalFreedomMC/VulnerabilityPatcher
1
0
Fork 0
mirror of https://github.com/TotalFreedomMC/VulnerabilityPatcher.git synced 2025-02-05 14:22:52 +00:00
Code Issues Projects Releases Wiki Activity

"Oversized" Sign exploit patched

Browse source
This commit is contained in:
Nathan Curran 2021-06-16 22:28:34 +10:00
parent ddcb6dc3c1
commit 03393f0c34
No known key found for this signature in database
GPG key ID: B3A964B30C2E56B8
10 changed files with 113 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gradle.properties
View file

@ -1,2 +1,2 @@
pluginGroup=me.cooljwb.vulnerabilitypatcher
pluginVersion=v1.9.3.1
pluginVersion=v1.9.4

3
src/main/java/me/cooljwb/vulnerabilitypatcher/VulnerabilityPatcher.java
View file

@ -193,6 +193,9 @@ public final class VulnerabilityPatcher extends JavaPlugin
case "ItemNames":
listeners.add(new Item_Names());
break;
case "OversizedSigns":
listeners.add(new Oversized_Sign());
break;
} // Adds all events to the event register.
}
listeners.forEach(listener -> Bukkit.getPluginManager().registerEvents(listener, this)); // Register the events.

4
src/main/java/me/cooljwb/vulnerabilitypatcher/commands/CommandGetNBT.java
View file

@ -31,9 +31,9 @@ public class CommandGetNBT extends Patches implements CommandExecutor
ItemStack item = player.getInventory().getItemInMainHand();
String strItem = itemToString(item);
if (item != null && item.getType() != Material.AIR && strItem != null && !(strItem.length() > 5000))
if (item.getType() != Material.AIR && strItem != null && !(strItem.length() > 5000))
msg(sender, SMG.VULNERABILITYPATCHER.msg + ChatColor.GRAY + "Item data: " + ChatColor.GREEN + ChatColor.stripColor(strItem));
else if (item == null || item.getType() == Material.AIR)
else if (item.getType() == Material.AIR)
msg(sender, SMG.GET_ITEM_IN_MAINHAND.msg);
else if (strItem == null)
msg(sender, SMG.NO_TAG.msg);

18
src/main/java/me/cooljwb/vulnerabilitypatcher/modifiers/NBTModifier.java
View file

@ -5,6 +5,7 @@ import org.bukkit.entity.Arrow;
import org.bukkit.entity.Entity;
import org.bukkit.entity.Firework;
import org.bukkit.entity.Player;
import org.bukkit.event.block.BlockPlaceEvent;
import org.bukkit.inventory.ItemStack;
import org.bukkit.inventory.meta.SpawnEggMeta;
import org.bukkit.projectiles.ProjectileSource;
@ -489,4 +490,21 @@ public class NBTModifier
}
return false;
}
protected boolean isOversizedSign(ItemStack item)
{
if (getVersion().equals("1.16.5"))
{
return nbt_1_16_3.isOversizedSign(item);
}
return false;
}
protected void clearOversizedSign(BlockPlaceEvent event)
{
if (getVersion().equals("1.16.5"))
{
nbt_1_16_3.clearOversizedSign(event);
}
}
}

52
src/main/java/me/cooljwb/vulnerabilitypatcher/modifiers/NBTModifier_1_16_3.java
View file

@ -19,6 +19,7 @@ import org.bukkit.entity.Arrow;
import org.bukkit.entity.Entity;
import org.bukkit.entity.Firework;
import org.bukkit.entity.Player;
import org.bukkit.event.block.BlockPlaceEvent;
import org.bukkit.inventory.ItemStack;
import org.bukkit.inventory.meta.BookMeta;
import org.bukkit.inventory.meta.SpawnEggMeta;
@ -500,4 +501,55 @@ public class NBTModifier_1_16_3
}
return false;
}
boolean isOversizedSign(ItemStack item)
{
if (item != null && item.getType().name().contains("SIGN"))
{
net.minecraft.server.v1_16_R3.ItemStack nmsItem = CraftItemStack.asNMSCopy(item);
NBTTagCompound tag = nmsItem.getTag().getCompound("BlockEntityTag");
String text1 = tag.getString("Text1").toLowerCase();
String text2 = tag.getString("Text2").toLowerCase();
String text3 = tag.getString("Text3").toLowerCase();
String text4 = tag.getString("Text4").toLowerCase();
return text1.contains("\"nbt\":") || text2.contains("\"nbt\":") || text3.contains("\"nbt\":") || text4.contains("\"nbt\":");
}
return false;
}
void clearOversizedSign(BlockPlaceEvent event)
{
ItemStack item = event.getItemInHand();
net.minecraft.server.v1_16_R3.ItemStack nmsItem = CraftItemStack.asNMSCopy(item);
NBTTagCompound tag = nmsItem.getTag().getCompound("BlockEntityTag");
String text1 = tag.getString("Text1").toLowerCase();
String text2 = tag.getString("Text2").toLowerCase();
String text3 = tag.getString("Text3").toLowerCase();
String text4 = tag.getString("Text4").toLowerCase();
if (text1.contains("\"nbt\":"))
{
tag.setString("Text1", "{\"text\":\"NBT tag removed\"}");
}
if (text2.contains("\"nbt\":"))
{
tag.setString("Text2", "{\"text\":\"NBT tag removed\"}");
}
if (text3.contains("\"nbt\":"))
{
tag.setString("Text3", "{\"text\":\"NBT tag removed\"}");
}
if (text4.contains("\"nbt\":"))
{
tag.setString("Text4", "{\"text\":\"NBT tag removed\"}");
}
ItemStack newItem = CraftItemStack.asBukkitCopy(nmsItem);
if (event.getPlayer().getInventory().getItemInMainHand().equals(item))
{
event.getPlayer().getInventory().setItemInMainHand(newItem);
}
else
{
event.getPlayer().getInventory().setItemInOffHand(newItem);
}
}
}

3
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Entity_Tag.java
View file

@ -54,8 +54,6 @@ public class Entity_Tag extends Patches implements Listener
{
ItemStack item = event.getItem();
if (item != null)
{
if (isDangerousEgg(item))
{
event.setCancelled(true);
@ -72,7 +70,6 @@ public class Entity_Tag extends Patches implements Listener
notifyViolation(event.getBlock().getType().name(), "use", "dangerous mob egg", event.getBlock().getLocation());
}
}
debug(event);
} // Checks if a block tried to dispense a modified Spawn Egg.

22
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Oversized_Sign.java Normal file
View file

@ -0,0 +1,22 @@
package me.cooljwb.vulnerabilitypatcher.patches;
import org.bukkit.event.EventHandler;
import org.bukkit.event.EventPriority;
import org.bukkit.event.Listener;
import org.bukkit.event.block.BlockPlaceEvent;
public class Oversized_Sign extends Patches implements Listener
{
@EventHandler(priority = EventPriority.HIGHEST)
public void onBlockPlace(BlockPlaceEvent event)
{
if (isOversizedSign(event.getItemInHand()))
{
event.setCancelled(true);
clearOversizedSign(event);
notifyViolation(event.getPlayer(), "place", "oversized sign", event.getBlock().getLocation());
}
debug(event);
}
}

5
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Patches.java
View file

@ -124,7 +124,8 @@ public class Patches extends NBTModifier implements Listener
{
if (item != null && item.getItemMeta() != null)
{
if (item.getItemMeta().getEnchants() != null && !item.getItemMeta().getEnchants().isEmpty())
item.getItemMeta().getEnchants();
if (!item.getItemMeta().getEnchants().isEmpty())
{
for (Map.Entry entry : item.getItemMeta().getEnchants().entrySet())
{
@ -328,7 +329,7 @@ public class Patches extends NBTModifier implements Listener
ItemStack mainhand = inv.getItemInMainHand();
ItemStack offhand = inv.getItemInOffHand();
if (item != null && inv != null && mainhand != null && offhand != null)
if (item != null)
{
if (inv.getItemInMainHand().isSimilar(item) || inv.getItemInOffHand().isSimilar(item))
return true;

1
src/main/resources/config.yml
View file

@ -24,6 +24,7 @@ Patches:
- Beehives # Removes all NBT data from any EntityBlockStorage such as beehives
- Skulls # Purges empty skull owner IDs
- ItemNames # Removes item names with events in them.
- OversizedSigns # Removes signs with NBT tag
# All entities added below will be blocked to use in a spawn egg.
BlockedEntityTags:

2
src/main/resources/plugin.yml
View file

@ -1,5 +1,5 @@
name: VulnerabilityPatcher
version: "1.9.3.1"
version: "1.9.4"
api-version: 1.13
main: me.cooljwb.vulnerabilitypatcher.VulnerabilityPatcher
authors: [CoolJWB]