mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-05-18 03:35:33 +00:00
Code Issues Projects Releases Wiki Activity

LoginPacketHandler: properly handle failure to base64_decode stuff from JWT

Browse Source 
previously this might just return false and blow up in your face.
I considered fixing this on stable too, but it's less useful there because so much stuff on stable just explodes at the first wrong thing anyway.
This commit is contained in:
Dylan K. Taylor 2020-05-14 09:46:44 +01:00
parent 955b23cc8e
commit 36c5d9117d
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/network/mcpe/handler/LoginPacketHandler.php
View File

@ -100,16 +100,23 @@ class LoginPacketHandler extends PacketHandler{
return true; return true;
} }
$safeB64Decode = static function(string $base64, string $context) : string{
$result = base64_decode($base64, true);
if($result === false){
throw new \InvalidArgumentException("$context: Malformed base64, cannot be decoded");
}
return $result;
};
try{ try{
$clientData = $packet->clientData; //this serves no purpose except readability $clientData = $packet->clientData; //this serves no purpose except readability
/** @var SkinAnimation[] $animations */ /** @var SkinAnimation[] $animations */
$animations = []; $animations = [];
foreach($clientData->AnimatedImageData as $animation){ foreach($clientData->AnimatedImageData as $k => $animation){
$animations[] = new SkinAnimation( $animations[] = new SkinAnimation(
new SkinImage( new SkinImage(
$animation->ImageHeight, $animation->ImageHeight,
$animation->ImageWidth, $animation->ImageWidth,
base64_decode($animation->Image, true) $safeB64Decode($animation->Image, "AnimatedImageData.$k.Image")
), ),
$animation->Type, $animation->Type,
$animation->Frames $animation->Frames
@ -117,12 +124,12 @@ class LoginPacketHandler extends PacketHandler{
} }
$skinData = new SkinData( $skinData = new SkinData(
$clientData->SkinId, $clientData->SkinId,
base64_decode($clientData->SkinResourcePatch, true), $safeB64Decode($clientData->SkinResourcePatch, "SkinResourcePatch"),
new SkinImage($clientData->SkinImageHeight, $clientData->SkinImageWidth, base64_decode($clientData->SkinData, true)), new SkinImage($clientData->SkinImageHeight, $clientData->SkinImageWidth, $safeB64Decode($clientData->SkinData, "SkinData")),
$animations, $animations,
new SkinImage($clientData->CapeImageHeight, $clientData->CapeImageWidth, base64_decode($clientData->CapeData, true)), new SkinImage($clientData->CapeImageHeight, $clientData->CapeImageWidth, $safeB64Decode($clientData->CapeData, "CapeData")),
base64_decode($clientData->SkinGeometryData, true), $safeB64Decode($clientData->SkinGeometryData, "SkinGeometryData"),
base64_decode($clientData->SkinAnimationData, true), $safeB64Decode($clientData->SkinAnimationData, "SkinAnimationData"),
$clientData->PremiumSkin, $clientData->PremiumSkin,
$clientData->PersonaSkin, $clientData->PersonaSkin,
$clientData->CapeOnClassicSkin, $clientData->CapeOnClassicSkin,