Skip to content

Commit 1a4cce0

Browse files
authored
Security fixes in plugin messaging (#1836)
* bugfix: wrong method * security: handling packet on proxy * refactor: reorder checks * comments * security: handling message on proxy * comments: better * style: following style guids
1 parent a720b59 commit 1a4cce0

File tree

3 files changed

+38
-14
lines changed
  • compatibility
    • bungeecord-geyser/src/main/java/com/ghostchu/quickshop/compatibility/bungeecord.geyser
    • bungeecord/src/main/java/com/ghostchu/quickshop/compatibility/bungeecord
    • velocity/src/main/java/com/ghostchu/quickshop/compatibility/velocity

3 files changed

+38
-14
lines changed

compatibility/bungeecord-geyser/src/main/java/com/ghostchu/quickshop/compatibility/bungeecord.geyser/Main.java

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
import com.google.common.io.ByteArrayDataOutput;
44
import com.google.common.io.ByteStreams;
5+
import net.md_5.bungee.api.event.PluginMessageEvent;
56
import net.md_5.bungee.api.event.ServerConnectedEvent;
67
import net.md_5.bungee.api.plugin.Listener;
78
import net.md_5.bungee.api.plugin.Plugin;
@@ -39,6 +40,18 @@ public void onDisable() {
3940
getProxy().unregisterChannel(BUNGEE_CHANNEL);
4041
}
4142

43+
@EventHandler
44+
public void on(final PluginMessageEvent event) {
45+
// Is this our business?
46+
if(!BUNGEE_CHANNEL.equalsIgnoreCase(event.getTag())) {
47+
return;
48+
}
49+
// Let's not be a snitch
50+
// we don't want the client to send any message to the server
51+
// nor do we want the proxy to send any message to the player
52+
event.setCancelled(true);
53+
}
54+
4255
@EventHandler
4356
public void switchServer(final ServerConnectedEvent event) {
4457

compatibility/bungeecord/src/main/java/com/ghostchu/quickshop/compatibility/bungeecord/Main.java

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -46,19 +46,24 @@ public void onDisable() {
4646

4747
@EventHandler
4848
public void on(final PluginMessageEvent event) {
49-
49+
// Is this our business?
5050
if(!QUICKSHOP_BUNGEE_CHANNEL.equalsIgnoreCase(event.getTag())) {
5151
return;
5252
}
53-
53+
// Let's not be a snitch
54+
// we don't want the client to send any message to the server
55+
// nor do we want the proxy to send any message to the player
56+
event.setCancelled(true);
57+
// Is the source correct?
58+
// we can only trust the server not the player
59+
if(!(event.getSender() instanceof Server)) return; // Somebody is being nasty
60+
// We can trust the source
61+
// server sent us the message
5462
final ByteArrayDataInput in = ByteStreams.newDataInput(event.getData());
5563
final String subChannel = in.readUTF();
5664
if(SUB_CHANNEL_COMMAND.equalsIgnoreCase(subChannel)) {
57-
// the receiver is a server when the proxy talks to a server
58-
if(event.getReceiver() instanceof Server) {
59-
final String command = in.readUTF();
60-
processCommand(command, in);
61-
}
65+
final String command = in.readUTF();
66+
processCommand(command, in);
6267
}
6368
}
6469

compatibility/velocity/src/main/java/com/ghostchu/quickshop/compatibility/velocity/Main.java

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -124,18 +124,24 @@ public void onProxyShutdown(final ProxyShutdownEvent event) {
124124

125125
@Subscribe
126126
public void on(final PluginMessageEvent event) {
127-
127+
// Is this our business?
128128
if(!QUICKSHOP_BUNGEE_CHANNEL.equals(event.getIdentifier())) {
129129
return;
130130
}
131+
// Let's not be a snitch
132+
// we don't want the client to send any message to the server
133+
// nor do we want the proxy to send any message to the player
134+
event.setResult(PluginMessageEvent.ForwardResult.handled());
135+
// Is the source correct?
136+
// we can only trust the server not the player
137+
if(!(event.getSource() instanceof ServerConnection)) return;
138+
// We can trust the source
139+
// server sent us the message
131140
final ByteArrayDataInput in = event.dataAsDataStream();
132141
final String subChannel = in.readUTF();
133142
if(SUB_CHANNEL_COMMAND.equalsIgnoreCase(subChannel)) {
134-
// the receiver is a server when the proxy talks to a server
135-
if(event.getSource() instanceof ServerConnection) {
136-
final String command = in.readUTF();
137-
processCommand(command, in);
138-
}
143+
final String command = in.readUTF();
144+
processCommand(command, in);
139145
}
140146
}
141147

@@ -191,4 +197,4 @@ public void onServerKick(final ServerPostConnectEvent event) {
191197

192198
pendingForward.remove(event.getPlayer().getUniqueId());
193199
}
194-
}
200+
}

0 commit comments

Comments
 (0)