mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-08-31 07:21:17 +00:00
Code Issues Projects Releases Wiki Activity

ItemStackRequestExecutor: harden against invalid item counts

Browse Source 
these cases should all be impossible, but that's assuming that the core code doesn't start using them for a different purpose in the future.
This commit is contained in:
Dylan K. Taylor 2023-03-21 00:13:21 +00:00
parent 955f7944bb
commit f90315c4a2
No known key found for this signature in database
GPG Key ID: 8927471A91CAFD3D
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/network/mcpe/handler/ItemStackRequestExecutor.php
View File

@ -141,8 +141,9 @@ final class ItemStackRequestExecutor{
private function removeItemFromSlot(ItemStackRequestSlotInfo $slotInfo, int $count) : Item{ private function removeItemFromSlot(ItemStackRequestSlotInfo $slotInfo, int $count) : Item{
$this->requestSlotInfos[] = $slotInfo; $this->requestSlotInfos[] = $slotInfo;
[$inventory, $slot] = $this->getBuilderInventoryAndSlot($slotInfo); [$inventory, $slot] = $this->getBuilderInventoryAndSlot($slotInfo);
if($count === 0){ if($count < 1){
throw new ItemStackRequestProcessException($this->prettyInventoryAndSlot($inventory, $slot) . ": Cannot take 0 items from a stack"); //this should be impossible at the protocol level, but in case of buggy core code this will prevent exploits
throw new ItemStackRequestProcessException($this->prettyInventoryAndSlot($inventory, $slot) . ": Cannot take less than 1 items from a stack");
} }
$existingItem = $inventory->getItem($slot); $existingItem = $inventory->getItem($slot);
@ -162,6 +163,10 @@ final class ItemStackRequestExecutor{
private function addItemToSlot(ItemStackRequestSlotInfo $slotInfo, Item $item, int $count) : void{ private function addItemToSlot(ItemStackRequestSlotInfo $slotInfo, Item $item, int $count) : void{
$this->requestSlotInfos[] = $slotInfo; $this->requestSlotInfos[] = $slotInfo;
[$inventory, $slot] = $this->getBuilderInventoryAndSlot($slotInfo); [$inventory, $slot] = $this->getBuilderInventoryAndSlot($slotInfo);
if($count < 1){
//this should be impossible at the protocol level, but in case of buggy core code this will prevent exploits
throw new ItemStackRequestProcessException($this->prettyInventoryAndSlot($inventory, $slot) . ": Cannot take less than 1 items from a stack");
}
$existingItem = $inventory->getItem($slot); $existingItem = $inventory->getItem($slot);
if(!$existingItem->isNull() && !$existingItem->canStackWith($item)){ if(!$existingItem->isNull() && !$existingItem->canStackWith($item)){
@ -232,6 +237,10 @@ final class ItemStackRequestExecutor{
} }
private function takeCreatedItem(ItemStackRequestSlotInfo $destination, int $count) : void{ private function takeCreatedItem(ItemStackRequestSlotInfo $destination, int $count) : void{
if($count < 1){
//this should be impossible at the protocol level, but in case of buggy core code this will prevent exploits
throw new ItemStackRequestProcessException("Cannot take less than 1 created item");
}
$createdItem = $this->nextCreatedItem; $createdItem = $this->nextCreatedItem;
if($createdItem === null){ if($createdItem === null){
throw new ItemStackRequestProcessException("No created item is waiting to be taken"); throw new ItemStackRequestProcessException("No created item is waiting to be taken");