mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-04-21 08:17:34 +00:00
Code Issues Projects Releases Wiki Activity

LoginPacket: fixed error handling edge case with malformed chain data JSON

Browse Source
This commit is contained in:
Dylan K. Taylor 2020-05-06 21:46:35 +01:00
parent ed757c7207
commit 0b6d6306cf
2 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/network/mcpe/protocol/LoginPacket.php
View File

@ -33,7 +33,9 @@ use pocketmine\network\mcpe\protocol\types\login\JwtChain;
use pocketmine\utils\BinaryDataException;
use pocketmine\utils\BinaryStream;
use function is_array;
use function is_object;
use function json_decode;
use function json_last_error_msg;
class LoginPacket extends DataPacket implements ServerboundPacket{
public const NETWORK_ID = ProtocolInfo::LOGIN_PACKET;
@ -69,6 +71,9 @@ class LoginPacket extends DataPacket implements ServerboundPacket{
$buffer = new BinaryStream($in->getString());
$chainDataJson = json_decode($buffer->get($buffer->getLInt()));
if(!is_object($chainDataJson)){
throw new PacketDecodeException("Failed decoding chain data JSON: " . json_last_error_msg());
}
$mapper = new \JsonMapper;
$mapper->bExceptionOnMissingData = true;
$mapper->bExceptionOnUndefinedProperty = true;

48
tests/phpunit/network/mcpe/protocol/LoginPacketTest.php Normal file
View File

@ -0,0 +1,48 @@
<?php
/*
*
* ____ _ _ __ __ _ __ __ ____
* | _ \ ___ ___| | _____| |_| \/ (_)_ __ ___ | \/ | _ \
* | |_) / _ \ / __| |/ / _ \ __| |\/| | | '_ \ / _ \_____| |\/| | |_) |
* | __/ (_) | (__| < __/ |_| | | | | | | | __/_____| | | | __/
* |_| \___/ \___|_|\_\___|\__|_| |_|_|_| |_|\___| |_| |_|_|
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* @author PocketMine Team
* @link http://www.pocketmine.net/
*
*
*/
declare(strict_types=1);
namespace pocketmine\network\mcpe\protocol;
use PHPUnit\Framework\TestCase;
use pocketmine\network\mcpe\protocol\serializer\NetworkBinaryStream;
use function strlen;
class LoginPacketTest extends TestCase{
public function testInvalidChainDataJsonHandling() : void{
$stream = new NetworkBinaryStream();
$stream->putUnsignedVarInt(ProtocolInfo::LOGIN_PACKET);
$payload = '{"chain":[]'; //intentionally malformed
$stream->putInt(ProtocolInfo::CURRENT_PROTOCOL);
$stream2 = new NetworkBinaryStream();
$stream2->putLInt(strlen($payload));
$stream2->put($payload);
$stream->putString($stream2->getBuffer());
$pk = PacketPool::getInstance()->getPacket($stream->getBuffer());
$this->expectException(PacketDecodeException::class);
$pk->decode(); //bang
}
}