TakeV/Paper
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Paper/Spigot-Server-Patches/0209-Fix-exploit-that-allowed-colored-signs-to-be-created.patch
MiniDigger | Martin 0fb8bdf0e0
Updated Upstream (Bukkit/CraftBukkit) (#5508) 
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
14883d6b SPIGOT-6078: Add SmithItemEvent and expand SmithingInventory API

CraftBukkit Changes:
115244c7 SPIGOT-6078: Add SmithItemEvent and expand SmithingInventory API
2021-04-18 09:02:48 +00:00

32 lines
2 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: 0x22 <0x22@futureclient.net>
Date: Thu, 26 Apr 2018 04:41:11 -0400
Subject: [PATCH] Fix exploit that allowed colored signs to be created
diff --git a/src/main/java/net/minecraft/SharedConstants.java b/src/main/java/net/minecraft/SharedConstants.java
index b92975aa85fd79c70d6bec014284e8f55d0d3a4b..d5d6c545182b9b0b6aa5e52f1f9858450a17038e 100644
--- a/src/main/java/net/minecraft/SharedConstants.java
+++ b/src/main/java/net/minecraft/SharedConstants.java
@@ -20,6 +20,7 @@ public class SharedConstants {
return c0 != 167 && c0 >= ' ' && c0 != 127;
}
+ public static String filterAllowedChatCharacters(String input) { return a(input); } // Paper - OBFHELPER
public static String a(String s) {
StringBuilder stringbuilder = new StringBuilder();
char[] achar = s.toCharArray();
diff --git a/src/main/java/net/minecraft/server/network/PlayerConnection.java b/src/main/java/net/minecraft/server/network/PlayerConnection.java
index fc624315b156f450c1cbc87a81e9eeff5d31b4c2..d4862a3a7f523c13c452e7b67072261556162437 100644
--- a/src/main/java/net/minecraft/server/network/PlayerConnection.java
+++ b/src/main/java/net/minecraft/server/network/PlayerConnection.java
@@ -2787,7 +2787,7 @@ public class PlayerConnection implements PacketListenerPlayIn {
List<net.kyori.adventure.text.Component> lines = new java.util.ArrayList<>();
for (int i = 0; i < list.size(); ++i) {
- lines.add(net.kyori.adventure.text.Component.text(list.get(i)));
+ lines.add(net.kyori.adventure.text.Component.text(SharedConstants.filterAllowedChatCharacters(list.get(i)))); // Paper - Replaced with anvil color stripping method to stop exploits that allow colored signs to be created.
}
SignChangeEvent event = new SignChangeEvent(org.bukkit.craftbukkit.block.CraftBlock.at(worldserver, blockposition), this.getPlayer(), lines);
this.server.getPluginManager().callEvent(event);
Reference in a new issue View git blame Copy permalink