Merge pull request #2933 from punchready/patch-2

Update STR handling to reject for-sure invalid framing values
2023-03-25 16:52:51 +10:30 · 2023-03-25 16:52:51 +10:30 · 01b8e521f7
commit 01b8e521f7
parent 9e9996f902 ec72f4957b
2 changed files with 34 additions and 0 deletions
--- a/TShockAPI/Handlers/SendTileRectHandler.cs
+++ b/TShockAPI/Handlers/SendTileRectHandler.cs
@ -181,6 +181,7 @@ namespace TShockAPI.Handlers
 					}

 					NetTile newTile = tiles[x, y];
+
 					TileObjectData data;

 					// If the new tile has an associated TileObjectData object, we take the tile and the surrounding tiles that make up the tile object
@ -218,10 +219,26 @@ namespace TShockAPI.Handlers
 								case TileID.ShimmerMonolith:
 									{
 										// Allowed changes
+
+										// Based on empirical tests, these should be some conservative upper bounds for framing values
+										if (newTile.FrameX != -1 || newTile.FrameY != -1)
+										{
+											if (newTile.FrameX is < 0 or > 1000)
+											{
+												processed[x, y] = true;
+												continue;
+											}
+											if (newTile.FrameY is < 0 or > 5000)
+											{
+												processed[x, y] = true;
+												continue;
+											}
+										}
 									}
 									break;
 								default:
 									{
+										processed[x, y] = true;
 										continue;
 									}
 							}
@ -241,10 +258,26 @@ namespace TShockAPI.Handlers
 								case TileID.TargetDummy:
 									{
 										// Allowed placements
+
+										// Based on empirical tests, these should be some conservative upper bounds for framing values
+										if (newTile.FrameX != -1 || newTile.FrameY != -1)
+										{
+											if (newTile.FrameX is < 0 or > 1000)
+											{
+												processed[x, y] = true;
+												continue;
+											}
+											if (newTile.FrameY is < 0 or > 500)
+											{
+												processed[x, y] = true;
+												continue;
+											}
+										}
 									}
 									break;
 								default:
 									{
+										processed[x, y] = true;
 										continue;
 									}
 							}
--- a/docs/changelog.md
+++ b/docs/changelog.md
@ -109,6 +109,7 @@ Use past tense when adding new entries; sign your name off when you add or chang
 * Relaxed custom death message restrictions to allow Inferno potions in PvP. (@drunderscore)
 * Allowed Flower Boots to place Ash Flowers on Ash Grass blocks. (@punchready)
 * Removed unnecessary range check that artifically shortened quick stack reach. (@boddyn, #2885, @bcat)
+* Improved the exploit protection in tile rect handling. (@punchready)

 ## TShock 5.1.3
 * Added support for Terraria 1.4.4.9 via OTAPI 3.1.20. (@SignatureBeef)