Fix IndexOutOfBoundsException issues.

This commit is contained in:
Captain ALM 2023-05-23 13:06:29 +01:00
parent b0bb4057f6
commit b8179ca1c0
Signed by: alfred
GPG Key ID: 4E4ADD02609997B1
3 changed files with 88 additions and 75 deletions

View File

@ -237,53 +237,58 @@ public class EncryptedPacket implements IStreamedPacket, IInternalCache {
public void loadPayload(byte[] packetData) throws PacketException { public void loadPayload(byte[] packetData) throws PacketException {
if (packetData == null) throw new NullPointerException("packetData is null"); if (packetData == null) throw new NullPointerException("packetData is null");
synchronized (slock) { synchronized (slock) {
int index = 1;
int cipherLenCache = (packetData[index++] & 0xff) * 16777216;
cipherLenCache += (packetData[index++] & 0xff) * 65536;
cipherLenCache += (packetData[index++] & 0xff) * 256;
cipherLenCache += (packetData[index++] & 0xff);
if (cipherLenCache < 1) throw new PacketException("cipher length less than 1");
byte[] cipherSettingsCache = new byte[cipherLenCache];
System.arraycopy(packetData, index, cipherSettingsCache, 0, cipherLenCache); index += cipherLenCache;
try { try {
cipherFactory.setSettings(cipherSettingsCache); int index = 1;
} catch (CipherException e) {
throw new PacketException(e);
}
generateCipher(Cipher.DECRYPT_MODE); int cipherLenCache = (packetData[index++] & 0xff) * 16777216;
cipherLenCache += (packetData[index++] & 0xff) * 65536;
cipherLenCache += (packetData[index++] & 0xff) * 256;
cipherLenCache += (packetData[index++] & 0xff);
if (cipherLenCache < 1) throw new PacketException("cipher length less than 1");
trailingArrayLengthCache = 0; byte[] cipherSettingsCache = new byte[cipherLenCache];
if ((packetData[0] & 1) == 1) { System.arraycopy(packetData, index, cipherSettingsCache, 0, cipherLenCache);
trailingArrayLengthCache = (packetData[index++] & 0xff) * 16777216; index += cipherLenCache;
trailingArrayLengthCache += (packetData[index++] & 0xff) * 65536; try {
trailingArrayLengthCache += (packetData[index++] & 0xff) * 256; cipherFactory.setSettings(cipherSettingsCache);
trailingArrayLengthCache += (packetData[index++] & 0xff); } catch (CipherException e) {
if (trailingArrayLengthCache < 1) throw new PacketException("trailer length less than 1"); throw new PacketException(e);
}
encryptedCache = new byte[packetData.length - index];
System.arraycopy(packetData, index, encryptedCache, 0, encryptedCache.length);
try {
byte[] decrypted = cipher.doFinal(encryptedCache);
byte[] thePacket = new byte[decrypted.length - trailingArrayLengthCache];
System.arraycopy(decrypted, 0, thePacket, 0, thePacket.length);
if (trailingArrayLengthCache > 0) {
byte[] theTrailer = new byte[trailingArrayLengthCache];
System.arraycopy(decrypted, thePacket.length, theTrailer, 0, trailingArrayLengthCache);
trailingPassword = new String(theTrailer, StandardCharsets.UTF_8);
} }
held = loader.readPacketNoDigest(thePacket, factory, null); generateCipher(Cipher.DECRYPT_MODE);
} catch (BadPaddingException | IllegalBlockSizeException e) {
trailingArrayLengthCache = 0;
if ((packetData[0] & 1) == 1) {
trailingArrayLengthCache = (packetData[index++] & 0xff) * 16777216;
trailingArrayLengthCache += (packetData[index++] & 0xff) * 65536;
trailingArrayLengthCache += (packetData[index++] & 0xff) * 256;
trailingArrayLengthCache += (packetData[index++] & 0xff);
if (trailingArrayLengthCache < 1) throw new PacketException("trailer length less than 1");
}
encryptedCache = new byte[packetData.length - index];
System.arraycopy(packetData, index, encryptedCache, 0, encryptedCache.length);
try {
byte[] decrypted = cipher.doFinal(encryptedCache);
byte[] thePacket = new byte[decrypted.length - trailingArrayLengthCache];
System.arraycopy(decrypted, 0, thePacket, 0, thePacket.length);
if (trailingArrayLengthCache > 0) {
byte[] theTrailer = new byte[trailingArrayLengthCache];
System.arraycopy(decrypted, thePacket.length, theTrailer, 0, trailingArrayLengthCache);
trailingPassword = new String(theTrailer, StandardCharsets.UTF_8);
}
held = loader.readPacketNoDigest(thePacket, factory, null);
} catch (BadPaddingException | IllegalBlockSizeException e) {
throw new PacketException(e);
} finally {
if (!useCache) encryptedCache = null;
}
} catch (IndexOutOfBoundsException e) {
throw new PacketException(e); throw new PacketException(e);
} finally {
if (!useCache) encryptedCache = null;
} }
} }
} }

View File

@ -139,32 +139,36 @@ public class NetworkEncryptionCipherPacket implements IStreamedPacket, IAcknowle
if (packetData == null) throw new NullPointerException("packetData is null"); if (packetData == null) throw new NullPointerException("packetData is null");
if (packetData.length < 5) throw new PacketException("no data"); if (packetData.length < 5) throw new PacketException("no data");
synchronized (slock) { synchronized (slock) {
acknowledgement = (packetData[0] == 1); try {
if (!acknowledgement && packetData[0] != 0) acknowledgement = null; acknowledgement = (packetData[0] == 1);
int index = 1; if (!acknowledgement && packetData[0] != 0) acknowledgement = null;
int index = 1;
int recordCount = (packetData[index++] & 0xff) * 16777216; int recordCount = (packetData[index++] & 0xff) * 16777216;
recordCount += (packetData[index++] & 0xff) * 65536; recordCount += (packetData[index++] & 0xff) * 65536;
recordCount += (packetData[index++] & 0xff) * 256; recordCount += (packetData[index++] & 0xff) * 256;
recordCount += (packetData[index++] & 0xff); recordCount += (packetData[index++] & 0xff);
if (recordCount < 0) throw new PacketException("record count less than 0"); if (recordCount < 0) throw new PacketException("record count less than 0");
if (useCache) cipherData = packetData; if (useCache) cipherData = packetData;
ciphers = new String[recordCount]; ciphers = new String[recordCount];
for (int i = 0; i < recordCount; i++) { for (int i = 0; i < recordCount; i++) {
int recordLength = (packetData[index++] & 0xff) * 16777216; int recordLength = (packetData[index++] & 0xff) * 16777216;
recordLength += (packetData[index++] & 0xff) * 65536; recordLength += (packetData[index++] & 0xff) * 65536;
recordLength += (packetData[index++] & 0xff) * 256; recordLength += (packetData[index++] & 0xff) * 256;
recordLength += (packetData[index++] & 0xff); recordLength += (packetData[index++] & 0xff);
if (recordLength < 0) throw new PacketException("record length less than 0"); if (recordLength < 0) throw new PacketException("record length less than 0");
byte[] currentRecord = new byte[recordLength]; byte[] currentRecord = new byte[recordLength];
if (recordLength > 0) { if (recordLength > 0) {
System.arraycopy(packetData, index, currentRecord, 0, recordLength); System.arraycopy(packetData, index, currentRecord, 0, recordLength);
index += recordLength; index += recordLength;
ciphers[i] = new String(currentRecord, StandardCharsets.UTF_8); ciphers[i] = new String(currentRecord, StandardCharsets.UTF_8);
} else { } else {
ciphers[i] = ""; ciphers[i] = "";
}
} }
} catch (IndexOutOfBoundsException e) {
throw new PacketException(e);
} }
} }
} }

View File

@ -106,20 +106,24 @@ public class NetworkEncryptionUpgradePacket implements IPacket, IAcknowledgement
if (packetData == null) throw new NullPointerException("packetData is null"); if (packetData == null) throw new NullPointerException("packetData is null");
if (packetData.length < 2) throw new PacketException("no data"); if (packetData.length < 2) throw new PacketException("no data");
synchronized (slock) { synchronized (slock) {
acknowledgement = (packetData[0] == 1); try {
if (!acknowledgement && packetData[0] != 0) acknowledgement = null; acknowledgement = (packetData[0] == 1);
if (!acknowledgement && packetData[0] != 0) acknowledgement = null;
upgrade = ((packetData[1] & 1) == 1); upgrade = ((packetData[1] & 1) == 1);
base64ed = ((packetData[1] & 2) == 2); base64ed = ((packetData[1] & 2) == 2);
if (cipherFactory != null && packetData.length > 2) { if (cipherFactory != null && packetData.length > 2) {
byte[] cipherBytes = new byte[packetData.length - 2]; byte[] cipherBytes = new byte[packetData.length - 2];
System.arraycopy(packetData, 2, cipherBytes, 0, cipherBytes.length); System.arraycopy(packetData, 2, cipherBytes, 0, cipherBytes.length);
try { try {
cipherFactory.setSettings(cipherBytes); cipherFactory.setSettings(cipherBytes);
} catch (CipherException e) { } catch (CipherException e) {
throw new PacketException(e); throw new PacketException(e);
}
} }
} catch (IndexOutOfBoundsException e) {
throw new PacketException(e);
} }
} }
} }