TheCloud/Amethyst-Android
1
0
Fork 0
mirror of https://github.com/AngelAuraMC/Amethyst-Android.git synced 2025-09-19 09:39:25 -04:00
Code Issues Packages Projects Releases Wiki Activity

Completely fix Log4J RCE (1.7-1.16.5) (not yet tested)

Browse Source 
#2378
This commit is contained in:
khanhduytran0 2021-12-14 07:40:35 +07:00
parent 7551487461
commit 2d5751d018
3 changed files with 52 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
app_pojavlauncher/src/main/java/net/kdt/pojavlaunch/JMinecraftVersionList.java
View File

@ -1,10 +1,8 @@
package net.kdt.pojavlaunch;
import androidx.annotation.Keep;
import java.util.Map;
import net.kdt.pojavlaunch.value.*;
import java.util.*;
import net.kdt.pojavlaunch.value.*;
@Keep
public class JMinecraftVersionList {
@ -16,18 +14,23 @@ public class JMinecraftVersionList {
public Version[] versions;
@Keep
public static class Version {
public static class FileProperties {
public String id, sha1, url;
public long size;
}
@Keep
public static class Version extends FileProperties {
// Since 1.13, so it's one of ways to check
public Arguments arguments;
public AssetIndex assetIndex;
public String assets;
public Map<String, MinecraftClientInfo> downloads;
public String id;
public String inheritsFrom;
public JavaVersionInfo javaVersion;
public DependentLibrary[] libraries;
public LoggingConfig logging;
public String mainClass;
public String minecraftArguments;
public int minimumLauncherVersion;
@ -35,15 +38,23 @@ public class JMinecraftVersionList {
public String releaseTime;
public String time;
public String type;
public String url;
public String sha1;
}
@Keep
public static class JavaVersionInfo {
public String component;
public int majorVersion;
}
@Keep
public static class LoggingConfig {
public LoggingClientConfig client;
@Keep
public static class LoggingClientConfig {
public String argument;
public FileProperties file;
public String type;
}
}
// Since 1.13
@Keep
public static class Arguments {
@ -66,9 +77,8 @@ public class JMinecraftVersionList {
}
}
@Keep
public static class AssetIndex {
public String id, sha1, url;
public long size, totalSize;
public static class AssetIndex extends FileProperties {
public long totalSize;
}
}

1
app_pojavlauncher/src/main/java/net/kdt/pojavlaunch/Tools.java
View File

@ -151,6 +151,7 @@ public final class Tools {
}
*/
javaArgList.add("-Dlog4j.configurationFile=" + Tools.DIR_GAME_NEW + "/" + mVersion.logging.client.file.id);
javaArgList.add("-cp");
javaArgList.add(getLWJGL3ClassPath() + ":" + launchClassPath);

30
app_pojavlauncher/src/main/java/net/kdt/pojavlaunch/tasks/MinecraftDownloaderTask.java
View File

@ -130,6 +130,36 @@ public class MinecraftDownloaderTask extends AsyncTask<String, String, Throwable
File outLib;
// Patch the Log4J RCE (CVE-2021-44228)
if (mVersion.logging != null) {
outLib = new File(Tools.DIR_GAME_NEW, mVersion.logging.client.file.id);
if (outLib.exists()) {
if(LauncherPreferences.PREF_CHECK_LIBRARY_SHA) {
if(!Tools.compareSHA1(outLib,mVersion.logging.client.file.sha1)) {
outLib.delete();
publishProgress("0", mActivity.getString(R.string.dl_library_sha_fail,mVersion.logging.client.file.id));
}else{
publishProgress("0", mActivity.getString(R.string.dl_library_sha_pass,mVersion.logging.client.file.id));
}
} else if (outLib.length() != mVersion.logging.client.file.size) {
// force updating anyways
outLib.delete();
}
}
if (!outLib.exists()) {
publishProgress("0", mActivity.getString(R.string.mcl_launch_downloading, mVersion.logging.client.file.id));
Tools.downloadFileMonitored(
mVersion.logging.client.file.url,
outLib.getAbsolutePath(),
new Tools.DownloaderFeedback() {
@Override
public void updateProgress(int curr, int max) {
publishDownloadProgress(mVersion.logging.client.file.id, curr, max);
}
}
);
}
}
setMax(verInfo.libraries.length);
zeroProgress();