From b8179ca1c0a7e438b975f175ce41a17efd677f42 Mon Sep 17 00:00:00 2001 From: Captain ALM Date: Tue, 23 May 2023 13:06:29 +0100 Subject: [PATCH] Fix IndexOutOfBoundsException issues. --- .../calmnet/packet/core/EncryptedPacket.java | 87 ++++++++++--------- .../core/NetworkEncryptionCipherPacket.java | 50 ++++++----- .../core/NetworkEncryptionUpgradePacket.java | 26 +++--- 3 files changed, 88 insertions(+), 75 deletions(-) diff --git a/src/com/captainalm/lib/calmnet/packet/core/EncryptedPacket.java b/src/com/captainalm/lib/calmnet/packet/core/EncryptedPacket.java index d945c24..903271e 100644 --- a/src/com/captainalm/lib/calmnet/packet/core/EncryptedPacket.java +++ b/src/com/captainalm/lib/calmnet/packet/core/EncryptedPacket.java @@ -237,53 +237,58 @@ public class EncryptedPacket implements IStreamedPacket, IInternalCache { public void loadPayload(byte[] packetData) throws PacketException { if (packetData == null) throw new NullPointerException("packetData is null"); synchronized (slock) { - int index = 1; - - int cipherLenCache = (packetData[index++] & 0xff) * 16777216; - cipherLenCache += (packetData[index++] & 0xff) * 65536; - cipherLenCache += (packetData[index++] & 0xff) * 256; - cipherLenCache += (packetData[index++] & 0xff); - if (cipherLenCache < 1) throw new PacketException("cipher length less than 1"); - - byte[] cipherSettingsCache = new byte[cipherLenCache]; - System.arraycopy(packetData, index, cipherSettingsCache, 0, cipherLenCache); index += cipherLenCache; try { - cipherFactory.setSettings(cipherSettingsCache); - } catch (CipherException e) { - throw new PacketException(e); - } + int index = 1; - generateCipher(Cipher.DECRYPT_MODE); + int cipherLenCache = (packetData[index++] & 0xff) * 16777216; + cipherLenCache += (packetData[index++] & 0xff) * 65536; + cipherLenCache += (packetData[index++] & 0xff) * 256; + cipherLenCache += (packetData[index++] & 0xff); + if (cipherLenCache < 1) throw new PacketException("cipher length less than 1"); - trailingArrayLengthCache = 0; - if ((packetData[0] & 1) == 1) { - trailingArrayLengthCache = (packetData[index++] & 0xff) * 16777216; - trailingArrayLengthCache += (packetData[index++] & 0xff) * 65536; - trailingArrayLengthCache += (packetData[index++] & 0xff) * 256; - trailingArrayLengthCache += (packetData[index++] & 0xff); - if (trailingArrayLengthCache < 1) throw new PacketException("trailer length less than 1"); - } - - encryptedCache = new byte[packetData.length - index]; - System.arraycopy(packetData, index, encryptedCache, 0, encryptedCache.length); - - try { - byte[] decrypted = cipher.doFinal(encryptedCache); - byte[] thePacket = new byte[decrypted.length - trailingArrayLengthCache]; - - System.arraycopy(decrypted, 0, thePacket, 0, thePacket.length); - - if (trailingArrayLengthCache > 0) { - byte[] theTrailer = new byte[trailingArrayLengthCache]; - System.arraycopy(decrypted, thePacket.length, theTrailer, 0, trailingArrayLengthCache); - trailingPassword = new String(theTrailer, StandardCharsets.UTF_8); + byte[] cipherSettingsCache = new byte[cipherLenCache]; + System.arraycopy(packetData, index, cipherSettingsCache, 0, cipherLenCache); + index += cipherLenCache; + try { + cipherFactory.setSettings(cipherSettingsCache); + } catch (CipherException e) { + throw new PacketException(e); } - held = loader.readPacketNoDigest(thePacket, factory, null); - } catch (BadPaddingException | IllegalBlockSizeException e) { + generateCipher(Cipher.DECRYPT_MODE); + + trailingArrayLengthCache = 0; + if ((packetData[0] & 1) == 1) { + trailingArrayLengthCache = (packetData[index++] & 0xff) * 16777216; + trailingArrayLengthCache += (packetData[index++] & 0xff) * 65536; + trailingArrayLengthCache += (packetData[index++] & 0xff) * 256; + trailingArrayLengthCache += (packetData[index++] & 0xff); + if (trailingArrayLengthCache < 1) throw new PacketException("trailer length less than 1"); + } + + encryptedCache = new byte[packetData.length - index]; + System.arraycopy(packetData, index, encryptedCache, 0, encryptedCache.length); + + try { + byte[] decrypted = cipher.doFinal(encryptedCache); + byte[] thePacket = new byte[decrypted.length - trailingArrayLengthCache]; + + System.arraycopy(decrypted, 0, thePacket, 0, thePacket.length); + + if (trailingArrayLengthCache > 0) { + byte[] theTrailer = new byte[trailingArrayLengthCache]; + System.arraycopy(decrypted, thePacket.length, theTrailer, 0, trailingArrayLengthCache); + trailingPassword = new String(theTrailer, StandardCharsets.UTF_8); + } + + held = loader.readPacketNoDigest(thePacket, factory, null); + } catch (BadPaddingException | IllegalBlockSizeException e) { + throw new PacketException(e); + } finally { + if (!useCache) encryptedCache = null; + } + } catch (IndexOutOfBoundsException e) { throw new PacketException(e); - } finally { - if (!useCache) encryptedCache = null; } } } diff --git a/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionCipherPacket.java b/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionCipherPacket.java index 9533ccc..b28a823 100644 --- a/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionCipherPacket.java +++ b/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionCipherPacket.java @@ -139,32 +139,36 @@ public class NetworkEncryptionCipherPacket implements IStreamedPacket, IAcknowle if (packetData == null) throw new NullPointerException("packetData is null"); if (packetData.length < 5) throw new PacketException("no data"); synchronized (slock) { - acknowledgement = (packetData[0] == 1); - if (!acknowledgement && packetData[0] != 0) acknowledgement = null; - int index = 1; + try { + acknowledgement = (packetData[0] == 1); + if (!acknowledgement && packetData[0] != 0) acknowledgement = null; + int index = 1; - int recordCount = (packetData[index++] & 0xff) * 16777216; - recordCount += (packetData[index++] & 0xff) * 65536; - recordCount += (packetData[index++] & 0xff) * 256; - recordCount += (packetData[index++] & 0xff); - if (recordCount < 0) throw new PacketException("record count less than 0"); + int recordCount = (packetData[index++] & 0xff) * 16777216; + recordCount += (packetData[index++] & 0xff) * 65536; + recordCount += (packetData[index++] & 0xff) * 256; + recordCount += (packetData[index++] & 0xff); + if (recordCount < 0) throw new PacketException("record count less than 0"); - if (useCache) cipherData = packetData; - ciphers = new String[recordCount]; - for (int i = 0; i < recordCount; i++) { - int recordLength = (packetData[index++] & 0xff) * 16777216; - recordLength += (packetData[index++] & 0xff) * 65536; - recordLength += (packetData[index++] & 0xff) * 256; - recordLength += (packetData[index++] & 0xff); - if (recordLength < 0) throw new PacketException("record length less than 0"); - byte[] currentRecord = new byte[recordLength]; - if (recordLength > 0) { - System.arraycopy(packetData, index, currentRecord, 0, recordLength); - index += recordLength; - ciphers[i] = new String(currentRecord, StandardCharsets.UTF_8); - } else { - ciphers[i] = ""; + if (useCache) cipherData = packetData; + ciphers = new String[recordCount]; + for (int i = 0; i < recordCount; i++) { + int recordLength = (packetData[index++] & 0xff) * 16777216; + recordLength += (packetData[index++] & 0xff) * 65536; + recordLength += (packetData[index++] & 0xff) * 256; + recordLength += (packetData[index++] & 0xff); + if (recordLength < 0) throw new PacketException("record length less than 0"); + byte[] currentRecord = new byte[recordLength]; + if (recordLength > 0) { + System.arraycopy(packetData, index, currentRecord, 0, recordLength); + index += recordLength; + ciphers[i] = new String(currentRecord, StandardCharsets.UTF_8); + } else { + ciphers[i] = ""; + } } + } catch (IndexOutOfBoundsException e) { + throw new PacketException(e); } } } diff --git a/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionUpgradePacket.java b/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionUpgradePacket.java index 3b27487..df8f598 100644 --- a/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionUpgradePacket.java +++ b/src/com/captainalm/lib/calmnet/packet/core/NetworkEncryptionUpgradePacket.java @@ -106,20 +106,24 @@ public class NetworkEncryptionUpgradePacket implements IPacket, IAcknowledgement if (packetData == null) throw new NullPointerException("packetData is null"); if (packetData.length < 2) throw new PacketException("no data"); synchronized (slock) { - acknowledgement = (packetData[0] == 1); - if (!acknowledgement && packetData[0] != 0) acknowledgement = null; + try { + acknowledgement = (packetData[0] == 1); + if (!acknowledgement && packetData[0] != 0) acknowledgement = null; - upgrade = ((packetData[1] & 1) == 1); - base64ed = ((packetData[1] & 2) == 2); + upgrade = ((packetData[1] & 1) == 1); + base64ed = ((packetData[1] & 2) == 2); - if (cipherFactory != null && packetData.length > 2) { - byte[] cipherBytes = new byte[packetData.length - 2]; - System.arraycopy(packetData, 2, cipherBytes, 0, cipherBytes.length); - try { - cipherFactory.setSettings(cipherBytes); - } catch (CipherException e) { - throw new PacketException(e); + if (cipherFactory != null && packetData.length > 2) { + byte[] cipherBytes = new byte[packetData.length - 2]; + System.arraycopy(packetData, 2, cipherBytes, 0, cipherBytes.length); + try { + cipherFactory.setSettings(cipherBytes); + } catch (CipherException e) { + throw new PacketException(e); + } } + } catch (IndexOutOfBoundsException e) { + throw new PacketException(e); } } }