mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-04-21 08:17:34 +00:00
Code Issues Projects Releases Wiki Activity

CrashDump: revert removal of RCON password redact in 738e310798f5a4742b2dc81a926bd0989e543ee5

Browse Source 
there's guaranteed to be some plant pot who uses 4.0, leaks his RCON password, downgrades back to 3.x, and then gets hacked.
This commit is contained in:
Dylan K. Taylor 2019-06-18 19:53:43 +01:00
parent c5707f6174
commit ff8ca99c9f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/pocketmine/CrashDump.php
View File

@ -52,6 +52,7 @@ use function ob_start;
use function php_uname;
use function phpinfo;
use function phpversion;
use function preg_replace;
use function str_split;
use function strpos;
use function strtoupper;
@ -172,6 +173,7 @@ class CrashDump{
if($this->server->getProperty("auto-report.send-settings", true) !== false){
$this->data["parameters"] = (array) $argv;
$this->data["server.properties"] = @file_get_contents($this->server->getDataPath() . "server.properties");
$this->data["server.properties"] = preg_replace("#^rcon\\.password=(.*)$#m", "rcon.password=******", $this->data["server.properties"]);
$this->data["pocketmine.yml"] = @file_get_contents($this->server->getDataPath() . "pocketmine.yml");
}else{
$this->data["pocketmine.yml"] = "";