AstralTransRocketries/OpenComputers
1
0
Fork 0
mirror of https://github.com/MightyPirates/OpenComputers.git synced 2025-09-17 03:05:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2131 from gamax92/uuid-verify

Browse Source 
Fix Arbitrary Read/Write exploit
This commit is contained in:
payonel 2016-11-20 21:41:31 -08:00 committed by GitHub
commit f2bbc4b288
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/main/scala/li/cil/oc/integration/opencomputers/DriverFileSystem.scala
View File

@ -2,6 +2,7 @@ package li.cil.oc.integration.opencomputers
import li.cil.oc
import li.cil.oc.Constants
import li.cil.oc.OpenComputers
import li.cil.oc.Settings
import li.cil.oc.api
import li.cil.oc.api.network.EnvironmentHost
@ -17,6 +18,8 @@ import net.minecraft.item.ItemStack
import net.minecraft.nbt.NBTTagCompound
object DriverFileSystem extends Item {
val UUIDVerifier = """^([0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12})$""".r
override def worksWith(stack: ItemStack) = isOneOf(stack,
api.Items.get(Constants.ItemName.HDDTier1),
api.Items.get(Constants.ItemName.HDDTier2),
@ -82,7 +85,14 @@ object DriverFileSystem extends Item {
private def addressFromTag(tag: NBTTagCompound) =
if (tag.hasKey("node") && tag.getCompoundTag("node").hasKey("address")) {
tag.getCompoundTag("node").getString("address")
tag.getCompoundTag("node").getString("address") match {
case UUIDVerifier(address) => address
case _ => // Invalid disk address.
val newAddress = java.util.UUID.randomUUID().toString
tag.getCompoundTag("node").setString("address", newAddress)
OpenComputers.log.warn(s"Generated new address for disk '${newAddress}'.")
newAddress
}
}
else java.util.UUID.randomUUID().toString