mirror of
https://github.com/Winds-Studio/Leaf.git
synced 2025-12-22 00:19:20 +00:00
49 lines
2.9 KiB
Diff
49 lines
2.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Dreeam <61569423+Dreeam-qwq@users.noreply.github.com>
|
|
Date: Sat, 9 Mar 2024 10:54:59 -0500
|
|
Subject: [PATCH] Block log4j rce exploit in chat
|
|
|
|
|
|
diff --git a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
index 6f38bd7a7c6e7bb8ade7b79756ab0afded6add99..9546f79db7ab0a247cc658640e861e96eb1c0ace 100644
|
|
--- a/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
+++ b/src/main/java/net/minecraft/server/network/ServerGamePacketListenerImpl.java
|
|
@@ -2438,6 +2438,8 @@ public class ServerGamePacketListenerImpl extends ServerCommonPacketListenerImpl
|
|
}
|
|
|
|
private void tryHandleChat(String s, Runnable runnable, boolean sync) { // CraftBukkit
|
|
+ if (ServerGamePacketListenerImpl.isLog4jExploit(s)) return; // Leaf - Block log4j rce exploit in chat
|
|
+
|
|
if (ServerGamePacketListenerImpl.isChatMessageIllegal(s)) {
|
|
this.disconnect(Component.translatable("multiplayer.disconnect.illegal_characters"), org.bukkit.event.player.PlayerKickEvent.Cause.ILLEGAL_CHARACTERS); // Paper
|
|
} else if (this.player.isRemoved() || this.player.getChatVisibility() == ChatVisiblity.HIDDEN) { // CraftBukkit - dead men tell no tales
|
|
@@ -2469,6 +2471,15 @@ public class ServerGamePacketListenerImpl extends ServerCommonPacketListenerImpl
|
|
}
|
|
}
|
|
|
|
+ // Leaf start - Block log4j rce exploit in chat
|
|
+ public static boolean isLog4jExploit(String message) {
|
|
+ java.util.regex.Pattern pattern = java.util.regex.Pattern.compile(".*\\$\\{[^}]*}.*");
|
|
+ java.util.regex.Matcher matcher = pattern.matcher(message);
|
|
+
|
|
+ return matcher.find();
|
|
+ }
|
|
+ // Leaf end
|
|
+
|
|
public static boolean isChatMessageIllegal(String message) {
|
|
for (int i = 0; i < message.length(); ++i) {
|
|
if (!StringUtil.isAllowedChatCharacter(message.charAt(i))) {
|
|
diff --git a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
|
index 547bb44769e3cf23cd0fee669d335c37ff15aa92..14678f175a02592db1305584d36421e20e6263d8 100644
|
|
--- a/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
|
+++ b/src/main/java/org/bukkit/craftbukkit/entity/CraftPlayer.java
|
|
@@ -751,6 +751,8 @@ public class CraftPlayer extends CraftHumanEntity implements Player {
|
|
|
|
if (this.getHandle().connection == null) return;
|
|
|
|
+ if (ServerGamePacketListenerImpl.isLog4jExploit(msg)) return; // Leaf - Block log4j rce exploit in chat
|
|
+
|
|
// Paper start - Improve chat handling
|
|
if (ServerGamePacketListenerImpl.isChatMessageIllegal(msg)) {
|
|
this.getHandle().connection.disconnect(Component.translatable("multiplayer.disconnect.illegal_characters"), org.bukkit.event.player.PlayerKickEvent.Cause.ILLEGAL_CHARACTERS); // Paper - kick event causes
|