From d6e61e3e0016dc819fee862ae71887994eb6f491 Mon Sep 17 00:00:00 2001
From: "Dylan K. Taylor" <odigiman@gmail.com>
Date: Sat, 21 Jul 2018 14:19:24 +0100
Subject: [PATCH] ResourcePacksSessionHandler: Account for out-of-bounds chunk
 requests

---
 .../mcpe/handler/ResourcePacksSessionHandler.php     | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/pocketmine/network/mcpe/handler/ResourcePacksSessionHandler.php b/src/pocketmine/network/mcpe/handler/ResourcePacksSessionHandler.php
index e0209afe2..105a1829b 100644
--- a/src/pocketmine/network/mcpe/handler/ResourcePacksSessionHandler.php
+++ b/src/pocketmine/network/mcpe/handler/ResourcePacksSessionHandler.php
@@ -113,11 +113,19 @@ class ResourcePacksSessionHandler extends SessionHandler{
 			return false;
 		}
 
+		$offset = $packet->chunkIndex * self::PACK_CHUNK_SIZE;
+		if($offset < 0 or $offset >= $pack->getPackSize()){
+			$this->player->close("", "disconnectionScreen.resourcePack", true);
+			$this->player->getServer()->getLogger()->debug("Got a resource pack chunk request with invalid start offset $offset, file size is " . $pack->getPackSize());
+
+			return false;
+		}
+
 		$pk = new ResourcePackChunkDataPacket();
 		$pk->packId = $pack->getPackId();
 		$pk->chunkIndex = $packet->chunkIndex;
-		$pk->data = $pack->getPackChunk(self::PACK_CHUNK_SIZE * $packet->chunkIndex, self::PACK_CHUNK_SIZE);
-		$pk->progress = self::PACK_CHUNK_SIZE * $packet->chunkIndex;
+		$pk->data = $pack->getPackChunk($offset, self::PACK_CHUNK_SIZE);
+		$pk->progress = $offset;
 		$this->session->sendDataPacket($pk);
 
 		return true;