From 811aba3339d9be8ecb04f888c6e9e8036930ba9d Mon Sep 17 00:00:00 2001 From: Amberichu <4722249+davchoo@users.noreply.github.com> Date: Sun, 18 Jun 2023 20:02:27 -0400 Subject: [PATCH] Validate written_book tags and fix writable book losing changes (#3894) * Validate NBT tags of written_book like Java edition * Update page count and character count limits The maximum number of characters allowed in Java's book edit screen is 1024 for each page and 16 for the title. However, the packet itself has a limit of 8192 * 3 bytes for each page and 128 * 3 bytes for the title. * Fix writable book losing changes when signing Bedrock sends a 3 action InventoryTransactionPacket after the player changes a page. This causes Geyser to send a ServerboundEditBookPacket with an outdated NBT. The Java responses with a ClientboundContainerSetSlotPacket that overwrites any NBT Changes from BedrockBookEditTranslator. * Add a comment for the title length check * Specify color in Component.translatable --- .../inventory/item/StoredItemMappings.java | 2 + .../java/org/geysermc/geyser/item/Items.java | 4 +- ...bleBookItem.java => WritableBookItem.java} | 7 +- .../geyser/item/type/WrittenBookItem.java | 98 +++++++++++++++++++ .../geyser/session/cache/BookEditCache.java | 2 +- .../bedrock/BedrockBookEditTranslator.java | 12 ++- ...BedrockInventoryTransactionTranslator.java | 10 ++ 7 files changed, 122 insertions(+), 13 deletions(-) rename core/src/main/java/org/geysermc/geyser/item/type/{ReadableBookItem.java => WritableBookItem.java} (93%) create mode 100644 core/src/main/java/org/geysermc/geyser/item/type/WrittenBookItem.java diff --git a/core/src/main/java/org/geysermc/geyser/inventory/item/StoredItemMappings.java b/core/src/main/java/org/geysermc/geyser/inventory/item/StoredItemMappings.java index c4137fba9..42b9ae1a0 100644 --- a/core/src/main/java/org/geysermc/geyser/inventory/item/StoredItemMappings.java +++ b/core/src/main/java/org/geysermc/geyser/inventory/item/StoredItemMappings.java @@ -51,6 +51,7 @@ public class StoredItemMappings { private final ItemMapping egg; private final ItemMapping shield; private final ItemMapping wheat; + private final ItemMapping writableBook; public StoredItemMappings(Map itemMappings) { this.bamboo = load(itemMappings, Items.BAMBOO); @@ -64,6 +65,7 @@ public class StoredItemMappings { this.egg = load(itemMappings, Items.EGG); this.shield = load(itemMappings, Items.SHIELD); this.wheat = load(itemMappings, Items.WHEAT); + this.writableBook = load(itemMappings, Items.WRITABLE_BOOK); } @Nonnull diff --git a/core/src/main/java/org/geysermc/geyser/item/Items.java b/core/src/main/java/org/geysermc/geyser/item/Items.java index 1339f166a..303665c79 100644 --- a/core/src/main/java/org/geysermc/geyser/item/Items.java +++ b/core/src/main/java/org/geysermc/geyser/item/Items.java @@ -1084,8 +1084,8 @@ public final class Items { public static final Item ZOMBIFIED_PIGLIN_SPAWN_EGG = register(new SpawnEggItem("zombified_piglin_spawn_egg", builder())); public static final Item EXPERIENCE_BOTTLE = register(new Item("experience_bottle", builder())); public static final Item FIRE_CHARGE = register(new Item("fire_charge", builder())); - public static final Item WRITABLE_BOOK = register(new ReadableBookItem("writable_book", builder().stackSize(1))); - public static final Item WRITTEN_BOOK = register(new ReadableBookItem("written_book", builder().stackSize(16))); + public static final Item WRITABLE_BOOK = register(new WritableBookItem("writable_book", builder().stackSize(1))); + public static final Item WRITTEN_BOOK = register(new WrittenBookItem("written_book", builder().stackSize(16))); public static final Item ITEM_FRAME = register(new Item("item_frame", builder())); public static final Item GLOW_ITEM_FRAME = register(new Item("glow_item_frame", builder())); public static final Item FLOWER_POT = register(new BlockItem("flower_pot", builder())); diff --git a/core/src/main/java/org/geysermc/geyser/item/type/ReadableBookItem.java b/core/src/main/java/org/geysermc/geyser/item/type/WritableBookItem.java similarity index 93% rename from core/src/main/java/org/geysermc/geyser/item/type/ReadableBookItem.java rename to core/src/main/java/org/geysermc/geyser/item/type/WritableBookItem.java index 814a6264e..dfebecf7d 100644 --- a/core/src/main/java/org/geysermc/geyser/item/type/ReadableBookItem.java +++ b/core/src/main/java/org/geysermc/geyser/item/type/WritableBookItem.java @@ -37,11 +37,8 @@ import org.geysermc.geyser.translator.text.MessageTranslator; import java.util.ArrayList; import java.util.List; -/** - * Encapsulates written books and writable books. Customly named class to share common code. - */ -public class ReadableBookItem extends Item { - public ReadableBookItem(String javaIdentifier, Builder builder) { +public class WritableBookItem extends Item { + public WritableBookItem(String javaIdentifier, Builder builder) { super(javaIdentifier, builder); } diff --git a/core/src/main/java/org/geysermc/geyser/item/type/WrittenBookItem.java b/core/src/main/java/org/geysermc/geyser/item/type/WrittenBookItem.java new file mode 100644 index 000000000..045aaa416 --- /dev/null +++ b/core/src/main/java/org/geysermc/geyser/item/type/WrittenBookItem.java @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2019-2023 GeyserMC. http://geysermc.org + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @author GeyserMC + * @link https://github.com/GeyserMC/Geyser + */ + +package org.geysermc.geyser.item.type; + +import com.github.steveice10.opennbt.tag.builtin.CompoundTag; +import com.github.steveice10.opennbt.tag.builtin.ListTag; +import com.github.steveice10.opennbt.tag.builtin.StringTag; +import com.github.steveice10.opennbt.tag.builtin.Tag; +import net.kyori.adventure.text.Component; +import net.kyori.adventure.text.format.NamedTextColor; +import org.checkerframework.checker.nullness.qual.NonNull; +import org.geysermc.geyser.session.GeyserSession; +import org.geysermc.geyser.translator.text.MessageTranslator; + +import java.util.List; + +public class WrittenBookItem extends WritableBookItem { + public static final int MAXIMUM_PAGE_EDIT_LENGTH = 1024; + public static final int MAXIMUM_PAGE_LENGTH = 32768; + public static final int MAXIMUM_PAGE_COUNT = 100; // Java edition limit. Bedrock edition has a limit of 50 pages. + public static final int MAXIMUM_TITLE_LENGTH = 16; + + public WrittenBookItem(String javaIdentifier, Builder builder) { + super(javaIdentifier, builder); + } + + @Override + public void translateNbtToBedrock(@NonNull GeyserSession session, @NonNull CompoundTag tag) { + boolean isValid = isValidWrittenBook(tag); + if (!isValid) { + tag.remove("pages"); + } + + super.translateNbtToBedrock(session, tag); + + if (!isValid) { + CompoundTag invalidTagPage = new CompoundTag(""); + invalidTagPage.put(new StringTag("photoname", "")); + invalidTagPage.put(new StringTag( + "text", + MessageTranslator.convertMessage( + Component.translatable("book.invalid.tag", NamedTextColor.DARK_RED), + session.locale() + ) + )); + tag.put(new ListTag("pages", List.of(invalidTagPage))); + } + } + + private boolean isValidWrittenBook(CompoundTag tag) { + if (!(tag.get("title") instanceof StringTag title)) { + return false; + } + if (title.getValue().length() > (MAXIMUM_TITLE_LENGTH * 2)) { + // Java rejects books with titles more than 2x the maximum length allowed in the input box + return false; + } + + if (!(tag.get("author") instanceof StringTag)) { + return false; + } + + if (!(tag.get("pages") instanceof ListTag pages)) { + return false; + } + for (Tag pageTag : pages) { + if (pageTag instanceof StringTag page) { + if (page.getValue().length() > MAXIMUM_PAGE_LENGTH) { + return false; + } + } + } + return true; + } +} diff --git a/core/src/main/java/org/geysermc/geyser/session/cache/BookEditCache.java b/core/src/main/java/org/geysermc/geyser/session/cache/BookEditCache.java index 5cd112a5f..35bea7295 100644 --- a/core/src/main/java/org/geysermc/geyser/session/cache/BookEditCache.java +++ b/core/src/main/java/org/geysermc/geyser/session/cache/BookEditCache.java @@ -62,7 +62,7 @@ public class BookEditCache { if ((System.currentTimeMillis() - lastBookUpdate) < 1000) { return; } - // Don't send the update if the player isn't not holding a book, shouldn't happen if we catch all interactions + // Don't send the update if the player is not holding a book, shouldn't happen if we catch all interactions GeyserItemStack itemStack = session.getPlayerInventory().getItemInHand(); if (itemStack == null || itemStack.asItem() != Items.WRITABLE_BOOK) { packet = null; diff --git a/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockBookEditTranslator.java b/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockBookEditTranslator.java index 1d5c5828c..6547044c3 100644 --- a/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockBookEditTranslator.java +++ b/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockBookEditTranslator.java @@ -33,12 +33,12 @@ import com.github.steveice10.opennbt.tag.builtin.StringTag; import com.github.steveice10.opennbt.tag.builtin.Tag; import org.cloudburstmc.protocol.bedrock.packet.BookEditPacket; import org.geysermc.geyser.inventory.GeyserItemStack; +import org.geysermc.geyser.item.type.WrittenBookItem; import org.geysermc.geyser.session.GeyserSession; import org.geysermc.geyser.translator.protocol.PacketTranslator; import org.geysermc.geyser.translator.protocol.Translator; import org.geysermc.geyser.translator.text.MessageTranslator; -import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.LinkedList; @@ -46,12 +46,10 @@ import java.util.List; @Translator(packet = BookEditPacket.class) public class BedrockBookEditTranslator extends PacketTranslator { - private static final int MAXIMUM_PAGE_LENGTH = 8192 * 4; - private static final int MAXIMUM_TITLE_LENGTH = 128 * 4; @Override public void translate(GeyserSession session, BookEditPacket packet) { - if (packet.getText() != null && !packet.getText().isEmpty() && packet.getText().getBytes(StandardCharsets.UTF_8).length > MAXIMUM_PAGE_LENGTH) { + if (packet.getText() != null && !packet.getText().isEmpty() && packet.getText().length() > WrittenBookItem.MAXIMUM_PAGE_EDIT_LENGTH) { session.getGeyser().getLogger().warning("Page length greater than server allowed!"); return; } @@ -63,6 +61,10 @@ public class BedrockBookEditTranslator extends PacketTranslator List pages = tag.contains("pages") ? new LinkedList<>(((ListTag) tag.get("pages")).getValue()) : new LinkedList<>(); int page = packet.getPageNumber(); + if (page < 0 || WrittenBookItem.MAXIMUM_PAGE_COUNT <= page) { + session.getGeyser().getLogger().warning("Edited page is out of acceptable bounds!"); + return; + } switch (packet.getAction()) { case ADD_PAGE: { // Add empty pages in between @@ -129,7 +131,7 @@ public class BedrockBookEditTranslator extends PacketTranslator if (packet.getAction() == BookEditPacket.Action.SIGN_BOOK) { // Add title to packet so the server knows we're signing title = MessageTranslator.convertToPlainText(packet.getTitle()); - if (title.getBytes(StandardCharsets.UTF_8).length > MAXIMUM_TITLE_LENGTH) { + if (title.length() > WrittenBookItem.MAXIMUM_TITLE_LENGTH) { session.getGeyser().getLogger().warning("Book title larger than server allows!"); return; } diff --git a/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockInventoryTransactionTranslator.java b/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockInventoryTransactionTranslator.java index 5bfb2dd6a..bf2c8b1cc 100644 --- a/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockInventoryTransactionTranslator.java +++ b/core/src/main/java/org/geysermc/geyser/translator/protocol/bedrock/BedrockInventoryTransactionTranslator.java @@ -44,6 +44,7 @@ import org.cloudburstmc.protocol.bedrock.data.inventory.ContainerType; import org.cloudburstmc.protocol.bedrock.data.inventory.ItemData; import org.cloudburstmc.protocol.bedrock.data.inventory.transaction.InventoryActionData; import org.cloudburstmc.protocol.bedrock.data.inventory.transaction.InventorySource; +import org.cloudburstmc.protocol.bedrock.data.inventory.transaction.InventoryTransactionType; import org.cloudburstmc.protocol.bedrock.data.inventory.transaction.LegacySetItemSlotData; import org.cloudburstmc.protocol.bedrock.packet.ContainerOpenPacket; import org.cloudburstmc.protocol.bedrock.packet.InventoryTransactionPacket; @@ -93,6 +94,15 @@ public class BedrockInventoryTransactionTranslator extends PacketTranslator