EaglerArchive/eaglerxserver
1
0
Fork 0
mirror of https://github.com/lax1dude/eaglerxserver synced 2025-06-05 15:51:59 -09:00
Code Issues Packages Projects Releases Wiki Activity

Fix OOM vulnerability in protocol module

Browse Source
This commit is contained in:
lax1dude 2025-05-29 11:10:59 -07:00
parent 6588c2dfed
commit b7eae2199f
5 changed files with 29 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/src/main/java/net/lax1dude/eaglercraft/backend/server/base/message/ByteBufInputWrapper.java
View File

@ -153,12 +153,24 @@ public class ByteBufInputWrapper implements GamePacketInputBuffer {
}
@Override
@Deprecated(forRemoval = true)
public byte[] readByteArrayMC() throws IOException {
byte[] abyte = new byte[BufferUtils.readVarInt(buffer, 5)];
buffer.readBytes(abyte);
return abyte;
}
@Override
public byte[] readByteArrayMC(int maxLen) throws IOException {
int i = BufferUtils.readVarInt(buffer, 5);
if (i > maxLen) {
throw new IOException("Byte array is too long: " + i + " > " + maxLen);
}
byte[] abyte = new byte[i];
buffer.readBytes(abyte);
return abyte;
}
@Override
public int available() throws IOException {
return buffer.readableBytes();

3
protocol-game/src/main/java/net/lax1dude/eaglercraft/v1_8/socket/protocol/GamePacketInputBuffer.java
View File

@ -34,8 +34,11 @@ public interface GamePacketInputBuffer extends DataInput {
String readStringEaglerASCII16() throws IOException;
@Deprecated(forRemoval = true)
byte[] readByteArrayMC() throws IOException;
byte[] readByteArrayMC(int maxLen) throws IOException;
int available() throws IOException;
InputStream stream();

2
protocol-game/src/main/java/net/lax1dude/eaglercraft/v1_8/socket/protocol/pkt/client/CPacketWebViewMessageV4EAG.java
View File

@ -53,7 +53,7 @@ public class CPacketWebViewMessageV4EAG implements GameMessagePacket {
@Override
public void readPacket(GamePacketInputBuffer buffer) throws IOException {
type = buffer.readUnsignedByte();
data = buffer.readByteArrayMC();
data = buffer.readByteArrayMC(32750);
}
@Override

2
protocol-game/src/main/java/net/lax1dude/eaglercraft/v1_8/socket/protocol/pkt/server/SPacketWebViewMessageV4EAG.java
View File

@ -53,7 +53,7 @@ public class SPacketWebViewMessageV4EAG implements GameMessagePacket {
@Override
public void readPacket(GamePacketInputBuffer buffer) throws IOException {
type = buffer.readUnsignedByte();
data = buffer.readByteArrayMC();
data = buffer.readByteArrayMC(32750);
}
@Override

12
protocol-game/src/main/java/net/lax1dude/eaglercraft/v1_8/socket/protocol/util/SimpleInputBufferImpl.java
View File

@ -171,12 +171,24 @@ public class SimpleInputBufferImpl extends DataInputStream implements GamePacket
}
@Override
@Deprecated(forRemoval = true)
public byte[] readByteArrayMC() throws IOException {
byte[] abyte = new byte[this.readVarInt()];
this.readFully(abyte);
return abyte;
}
@Override
public byte[] readByteArrayMC(int maxLen) throws IOException {
int i = this.readVarInt();
if (i > maxLen) {
throw new IOException("Byte array is too long: " + i + " > " + maxLen);
}
byte[] abyte = new byte[i];
this.readFully(abyte);
return abyte;
}
@Override
public InputStream stream() {
return in;