From 77be0527a7dac62fde76ff2c3dc1f2f4042c9ae6 Mon Sep 17 00:00:00 2001
From: KrewsOrg
Date: Tue, 9 Jul 2019 02:29:37 +0100
Subject: [PATCH] FloorPlanEditor Exploit Fix
---
 ...-1_TO_2_1_0-RC-2.sql => 2_1_0-RC-1_TO_2_1_0.sql} | 0
 sqlupdates/2_1_0_TO_2_1_1.sql | 1 +
 src/main/java/com/eu/habbo/Emulator.java | 3 ++-
 .../floorplaneditor/FloorPlanEditorSaveEvent.java | 13 +++++++++++++
 4 files changed, 16 insertions(+), 1 deletion(-)
 rename sqlupdates/{2_1_0-RC-1_TO_2_1_0-RC-2.sql => 2_1_0-RC-1_TO_2_1_0.sql} (100%)
 create mode 100644 sqlupdates/2_1_0_TO_2_1_1.sql
diff --git a/sqlupdates/2_1_0-RC-1_TO_2_1_0-RC-2.sql b/sqlupdates/2_1_0-RC-1_TO_2_1_0.sql
similarity index 100%
rename from sqlupdates/2_1_0-RC-1_TO_2_1_0-RC-2.sql
rename to sqlupdates/2_1_0-RC-1_TO_2_1_0.sql
diff --git a/sqlupdates/2_1_0_TO_2_1_1.sql b/sqlupdates/2_1_0_TO_2_1_1.sql
new file mode 100644
index 00000000..34e998b7
--- /dev/null
+++ b/sqlupdates/2_1_0_TO_2_1_1.sql
@@ -0,0 +1 @@
+INSERT INTO `emulator_settings`(`key`, `value`) VALUES ('hotel.room.floorplan.check.enabled', '1');
diff --git a/src/main/java/com/eu/habbo/Emulator.java b/src/main/java/com/eu/habbo/Emulator.java
index 48a63e9f..bdebafe6 100644
--- a/src/main/java/com/eu/habbo/Emulator.java
+++ b/src/main/java/com/eu/habbo/Emulator.java
@@ -37,7 +37,7 @@ public final class Emulator {
 public final static int MINOR = 1;
- public final static int BUILD = 0;
+ public final static int BUILD = 1;
 public final static String PREVIEW = "Stable";
@@ -143,6 +143,7 @@ public final class Emulator {
 Emulator.getLogging().logStart("Thankyou for downloading Arcturus Morningstar! This is a stable 2.1.0 build, it should be more than stable for daily use on hotels, if you find any bugs please place them on our git repository.");
 Emulator.getLogging().logStart("Please note, Arcturus Emulator is a project by TheGeneral, we take no credit for the original work, and only the work we have continued. If you'd like to support the project, join our discord at: ");
 Emulator.getLogging().logStart("https://discord.gg/syuqgN");
+ Emulator.getLogging().logStart("Please report bugs on our git at Krews.org. Not on our discord!!");
 System.out.println("Waiting for commands: ");
 }
 }, 3500);
diff --git a/src/main/java/com/eu/habbo/messages/incoming/floorplaneditor/FloorPlanEditorSaveEvent.java b/src/main/java/com/eu/habbo/messages/incoming/floorplaneditor/FloorPlanEditorSaveEvent.java
index 65f54683..e7212745 100644
--- a/src/main/java/com/eu/habbo/messages/incoming/floorplaneditor/FloorPlanEditorSaveEvent.java
+++ b/src/main/java/com/eu/habbo/messages/incoming/floorplaneditor/FloorPlanEditorSaveEvent.java
@@ -20,6 +20,7 @@ import java.util.List;
 public class FloorPlanEditorSaveEvent extends MessageHandler {
 public static int MAXIMUM_FLOORPLAN_WIDTH_LENGTH = 64;
 public static int MAXIMUM_FLOORPLAN_SIZE = 64 * 64;
+ public static final String VALID_CHARACTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
 @Override
 public void handle() throws Exception {
@@ -38,6 +39,18 @@ public class FloorPlanEditorSaveEvent extends MessageHandler {
 String map = this.packet.readString();
 map = map.replace("X", "x");
+ String checkMap = map.replace(((char) 13) + "", "").toUpperCase();
+ for (char c : VALID_CHARACTERS.toCharArray())
+ {
+ checkMap = checkMap.replace(c + "", "");
+ }
+
+ if (!checkMap.isEmpty() && Emulator.getConfig().getBoolean("hotel.room.floorplan.check.enabled"))
+ {
+ errors.add("${notification.floorplan_editor.error.title}");
+ }
+
+
 if (map.isEmpty() || map.replace("x", "").replace(((char) 13) + "", "").length() == 0) {
 errors.add("${notification.floorplan_editor.error.message.effective_height_is_0}");
 }
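Review bot: The allow-list is applied to an upper-cased copy (`checkMap`) rather than to `map` itself, and `toUpperCase()` is locale-sensitive and maps some non-ASCII letters onto A–Z, so characters outside the intended set can clear the check, while a default locale such as Turkish would reject a plain `i`. Validating the original string against an explicit ASCII pattern avoids both, e.g. `private static final Pattern VALID_MAP = Pattern.compile("[0-9A-Za-z\\r]*");` (needs `java.util.regex.Pattern`) with `if (!VALID_MAP.matcher(map).matches() && Emulator.getConfig().getBoolean("hotel.room.floorplan.check.enabled"))`. The check also depends on the `hotel.room.floorplan.check.enabled` row inserted by `2_1_0_TO_2_1_1.sql`; if `getBoolean` falls back to false for a missing key (not visible here), an install that skips the migration runs with validation off, so defaulting to enabled would be safer. `handle()` starts and ends outside this hunk, so whether processing stops once `errors` is non-empty cannot be confirmed from here.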