From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Aikar Date: Fri, 16 Nov 2018 23:08:50 -0500 Subject: [PATCH] Book Size Limits Puts some limits on the size of books. diff --git a/src/main/java/com/destroystokyo/paper/PaperConfig.java b/src/main/java/com/destroystokyo/paper/PaperConfig.java index 3139c194f9b1bc3510d51a81f13ae43d00a3dc29..13edb435b3fa65b4980bd7472aa5a5196f4d5b2b 100644 --- a/src/main/java/com/destroystokyo/paper/PaperConfig.java +++ b/src/main/java/com/destroystokyo/paper/PaperConfig.java @@ -339,4 +339,11 @@ public class PaperConfig { velocitySecretKey = secret.getBytes(StandardCharsets.UTF_8); } } + + public static int maxBookPageSize = 2560; + public static double maxBookTotalSizeMultiplier = 0.98D; + private static void maxBookSize() { + maxBookPageSize = getInt("settings.book-size.page-max", maxBookPageSize); + maxBookTotalSizeMultiplier = getDouble("settings.book-size.total-multiplier", maxBookTotalSizeMultiplier); + } } diff --git a/src/main/java/net/minecraft/server/network/PlayerConnection.java b/src/main/java/net/minecraft/server/network/PlayerConnection.java index 59617fceecb08edf665902f30ea7064e6333bb96..7158d3e3a7e2912d8d170aca4096355d43645cfa 100644 --- a/src/main/java/net/minecraft/server/network/PlayerConnection.java +++ b/src/main/java/net/minecraft/server/network/PlayerConnection.java @@ -1001,6 +1001,52 @@ public class PlayerConnection implements PacketListenerPlayIn { @Override public void a(PacketPlayInBEdit packetplayinbedit) { + // Paper start + ItemStack testStack = packetplayinbedit.getBook(); + if (!server.isPrimaryThread() && !testStack.isEmpty() && testStack.getTag() != null) { + NBTTagList pageList = testStack.getTag().getList("pages", 8); + if (pageList.size() > 100) { + PlayerConnection.LOGGER.warn(this.player.getName() + " tried to send a book with too many pages"); + minecraftServer.scheduleOnMain(() -> this.disconnect("Book too large!")); + return; + } + long byteTotal = 0; + int maxBookPageSize = com.destroystokyo.paper.PaperConfig.maxBookPageSize; + double multiplier = Math.max(0.3D, Math.min(1D, com.destroystokyo.paper.PaperConfig.maxBookTotalSizeMultiplier)); + long byteAllowed = maxBookPageSize; + for (int i = 0; i < pageList.size(); ++i) { + String testString = pageList.getString(i); + int byteLength = testString.getBytes(java.nio.charset.StandardCharsets.UTF_8).length; + if (byteLength > 256 * 4) { + PlayerConnection.LOGGER.warn(this.player.getName() + " tried to send a book with with a page too large!"); + minecraftServer.scheduleOnMain(() -> this.disconnect("Book too large!")); + return; + } + byteTotal += byteLength; + int length = testString.length(); + int multibytes = 0; + if (byteLength != length) { + for (char c : testString.toCharArray()) { + if (c > 127) { + multibytes++; + } + } + } + byteAllowed += (maxBookPageSize * Math.min(1, Math.max(0.1D, (double) length / 255D))) * multiplier; + + if (multibytes > 1) { + // penalize MB + byteAllowed -= multibytes; + } + } + + if (byteTotal > byteAllowed) { + PlayerConnection.LOGGER.warn(this.player.getName() + " tried to send too large of a book. Book Size: " + byteTotal + " - Allowed: "+ byteAllowed + " - Pages: " + pageList.size()); + minecraftServer.scheduleOnMain(() -> this.disconnect("Book too large!")); + return; + } + } + // Paper end // CraftBukkit start if (this.lastBookTick + 20 > MinecraftServer.currentTick) { this.disconnect("Book edited too quickly!");