mirror of
https://github.com/BX-Team/DivineMC.git
synced 2025-12-19 14:59:25 +00:00
35 lines
1.9 KiB
Diff
35 lines
1.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: NONPLAYT <76615486+NONPLAYT@users.noreply.github.com>
|
|
Date: Sat, 1 Feb 2025 19:28:34 +0300
|
|
Subject: [PATCH] Block Log4Shell exploit
|
|
|
|
|
|
diff --git a/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
index b2881d1b0cc2bc172dd21349e07b7e6f89bd996c..c96c13ff7e2f0f62166e429dcb66ff5217604c32 100644
|
|
--- a/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
+++ b/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
@@ -2425,6 +2425,7 @@ public class ServerGamePacketListenerImpl
|
|
}
|
|
|
|
private void tryHandleChat(String message, Runnable handler, boolean sync) { // CraftBukkit
|
|
+ if (ServerGamePacketListenerImpl.isLog4ShellExploit(message)) return; // DivineMC - Block Log4Shell exploit
|
|
if (isChatMessageIllegal(message)) {
|
|
this.disconnectAsync(Component.translatable("multiplayer.disconnect.illegal_characters"), org.bukkit.event.player.PlayerKickEvent.Cause.ILLEGAL_CHARACTERS); // Paper - add proper async disconnect
|
|
} else if (this.player.isRemoved() || this.player.getChatVisibility() == ChatVisiblity.HIDDEN) { // CraftBukkit - dead men tell no tales
|
|
@@ -2453,6 +2454,15 @@ public class ServerGamePacketListenerImpl
|
|
}
|
|
}
|
|
|
|
+ // DivineMC start - Block Log4Shell exploit
|
|
+ public static boolean isLog4ShellExploit(String message) {
|
|
+ java.util.regex.Pattern pattern = java.util.regex.Pattern.compile(".*\\$\\{[^}]*}.*");
|
|
+ java.util.regex.Matcher matcher = pattern.matcher(message);
|
|
+
|
|
+ return matcher.find();
|
|
+ }
|
|
+ // DivineMC end - Block Log4Shell exploit
|
|
+
|
|
public static boolean isChatMessageIllegal(String message) {
|
|
for (int i = 0; i < message.length(); i++) {
|
|
if (!StringUtil.isAllowedChatCharacter(message.charAt(i))) {
|