Validate TE of packet (#126)

* Validate TE of packet

* Remove outdated script

build.gradle

@@ -1,4 +1,4 @@
-//version: 1684218858
+//version: 1685785062
 /*
  DO NOT CHANGE THIS FILE!
  Also, you may replace this file at any time if there is an update available.
@@ -1276,12 +1276,14 @@ tasks.register('faq') {
     description = 'Prints frequently asked questions about building a project'
 
     doLast {
-        print("If your build fails to fetch dependencies, they might have been deleted and replaced by newer " +
-            "versions.\nCheck if the versions you try to fetch are still on the distributing sites.\n" +
-            "The links can be found in repositories.gradle and build.gradle:repositories, " +
-            "not build.gradle:buildscript.repositories - this one is for gradle plugin metadata.\n\n" +
+        print("If your build fails to fetch dependencies, run './gradlew updateDependencies'. " +
+            "Or you can manually check if the versions are still on the distributing sites - " +
+            "the links can be found in repositories.gradle and build.gradle:repositories, " +
+            "but not build.gradle:buildscript.repositories - those ones are for gradle plugin metadata.\n\n" +
             "If your build fails to recognize the syntax of new Java versions, enable Jabel in your " +
-            "gradle.properties. See how it's done in GTNH ExampleMod/gradle.properties.")
+            "gradle.properties. See how it's done in GTNH ExampleMod/gradle.properties. " +
+            "However, keep in mind that Jabel enables only syntax features, but not APIs that were introduced in " +
+            "Java 9 or later.")
     }
 }
 

src/main/java/crazypants/enderio/Log.java

@@ -2,10 +2,13 @@
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.Marker;
+import org.apache.logging.log4j.MarkerManager;
 
 public final class Log {
 
     public static final Logger LOGGER = LogManager.getLogger(EnderIO.MODID);
+    public static final Marker securityMarker = MarkerManager.getMarker("SuspiciousPackets");
 
     public static void warn(String msg) {
         LOGGER.warn(msg);

src/main/java/crazypants/enderio/conduit/gui/ExternalConnectionContainer.java

@@ -10,6 +10,7 @@
 import net.minecraft.inventory.IInventory;
 import net.minecraft.inventory.Slot;
 import net.minecraft.item.ItemStack;
+import net.minecraft.tileentity.TileEntity;
 import net.minecraft.world.World;
 import net.minecraftforge.common.util.ForgeDirection;
 
@@ -24,12 +25,14 @@
 import crazypants.enderio.conduit.item.IItemConduit;
 import crazypants.enderio.conduit.item.SpeedUpgrade;
 import crazypants.enderio.conduit.item.filter.IItemFilter;
+import crazypants.enderio.machine.gui.IContainerWithTileEntity;
 import crazypants.enderio.network.PacketHandler;
 
-public class ExternalConnectionContainer extends ContainerEnder<InventoryUpgrades> {
+public class ExternalConnectionContainer extends ContainerEnder<InventoryUpgrades> implements IContainerWithTileEntity {
 
     private final IItemConduit itemConduit;
     private final ForgeDirection direction;
+    private final TileEntity te;
 
     private int speedUpgradeSlotLimit = 15;
 
@@ -52,6 +55,7 @@ public ExternalConnectionContainer(InventoryPlayer playerInv, IConduitBundle bun
         super(playerInv, new InventoryUpgrades(bundle.getConduit(IItemConduit.class), dir));
         this.direction = dir;
         this.itemConduit = bundle.getConduit(IItemConduit.class);
+        this.te = (TileEntity) bundle;
         slotLocations.addAll(playerSlotLocations.values());
 
         int x;
@@ -280,6 +284,11 @@ public ItemStack transferStackInSlot(EntityPlayer entityPlayer, int slotIndex) {
         return copystack;
     }
 
+    @Override
+    public TileEntity getTileEntity() {
+        return te;
+    }
+
     private class FilterSlot extends Slot {
 
         public FilterSlot(IInventory par1iInventory, int par2, int par3, int par4) {

src/main/java/crazypants/enderio/conduit/gui/PacketFluidChannel.java

@@ -49,6 +49,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketFluidChannel message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         ILiquidConduit conduit = message.getTileCasted(ctx);
         if (!(conduit instanceof AbstractEnderLiquidConduit)) {
             return null;

src/main/java/crazypants/enderio/conduit/gui/PacketFluidFilter.java

@@ -53,6 +53,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketFluidFilter message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         ILiquidConduit conduit = message.getTileCasted(ctx);
         if (!(conduit instanceof AbstractEnderLiquidConduit)) {
             return null;

src/main/java/crazypants/enderio/conduit/gui/item/PacketExistingItemFilterSnapshot.java

@@ -58,6 +58,7 @@ public void toBytes(ByteBuf buf) {
 
     @Override
     public PacketExistingItemFilterSnapshot onMessage(PacketExistingItemFilterSnapshot message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         IItemConduit conduit = message.getTileCasted(ctx);
         if (conduit == null) {
             return null;

src/main/java/crazypants/enderio/conduit/gui/item/PacketModItemFilter.java

@@ -58,6 +58,7 @@ public void toBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketModItemFilter message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         IItemConduit conduit = message.getTileCasted(ctx);
         if (conduit == null) {
             return null;

src/main/java/crazypants/enderio/conduit/packet/AbstractConduitPacket.java

@@ -6,6 +6,7 @@
 import cpw.mods.fml.common.network.simpleimpl.MessageContext;
 import crazypants.enderio.conduit.IConduit;
 import crazypants.enderio.conduit.IConduitBundle;
+import crazypants.enderio.network.PacketUtil;
 import io.netty.buffer.ByteBuf;
 
 public class AbstractConduitPacket<T extends IConduit> extends AbstractConduitBundlePacket {
@@ -50,4 +51,12 @@ protected T getTileCasted(MessageContext ctx) {
         IConduitBundle bundle = (IConduitBundle) te;
         return (T) bundle.getConduit(getConType());
     }
+
+    /**
+     * Validates if TileEntity received from client is actually the one player is interacting with. It prevents
+     * malicious user disturbing random machine settings etc.
+     */
+    protected static boolean isInvalidPacketForGui(AbstractConduitPacket<?> message, MessageContext ctx) {
+        return PacketUtil.isInvalidPacketForGui(ctx, message.getTileEntity(message.getWorld(ctx)), message.getClass());
+    }
 }

src/main/java/crazypants/enderio/conduit/packet/PacketConnectionMode.java

@@ -40,6 +40,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketConnectionMode message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         IConduit conduit = message.getTileCasted(ctx);
         if (conduit == null) {
             return null;

src/main/java/crazypants/enderio/conduit/packet/PacketExtractMode.java

@@ -45,6 +45,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketExtractMode message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         message.getTileCasted(ctx).setExtractionRedstoneMode(message.mode, message.dir);
         message.getTileCasted(ctx).setExtractionSignalColor(message.dir, message.color);
         message.getWorld(ctx).markBlockForUpdate(message.x, message.y, message.z);

src/main/java/crazypants/enderio/conduit/packet/PacketItemConduitFilter.java

@@ -68,6 +68,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketItemConduitFilter message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         IItemConduit conduit = message.getTileCasted(ctx);
         conduit.setSelfFeedEnabled(message.dir, message.loopMode);
         conduit.setRoundRobinEnabled(message.dir, message.roundRobin);

src/main/java/crazypants/enderio/conduit/packet/PacketOCConduitSignalColor.java

@@ -40,6 +40,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketOCConduitSignalColor message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         message.getTileCasted(ctx).setSignalColor(message.dir, message.col);
         message.getWorld(ctx).markBlockForUpdate(message.x, message.y, message.z);
         return null;

src/main/java/crazypants/enderio/conduit/packet/PacketRedstoneConduitOutputStrength.java

@@ -38,6 +38,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketRedstoneConduitOutputStrength message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         IInsulatedRedstoneConduit tile = message.getTileCasted(ctx);
         if (tile != null) {
             tile.setOutputStrength(message.dir, message.isStrong);

src/main/java/crazypants/enderio/conduit/packet/PacketRedstoneConduitSignalColor.java

@@ -40,6 +40,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketRedstoneConduitSignalColor message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         message.getTileCasted(ctx).setSignalColor(message.dir, message.col);
         message.getWorld(ctx).markBlockForUpdate(message.x, message.y, message.z);
         return null;

src/main/java/crazypants/enderio/conduit/packet/PacketRoundRobinMode.java

@@ -39,6 +39,7 @@ public void fromBytes(ByteBuf buf) {
 
     @Override
     public IMessage onMessage(PacketRoundRobinMode message, MessageContext ctx) {
+        if (isInvalidPacketForGui(message, ctx)) return null;
         final ILiquidConduit conduit = message.getTileCasted(ctx);
         if (conduit instanceof AbstractEnderLiquidConduit) {
             ((AbstractEnderLiquidConduit) conduit).setRoundRobin(message.dir, message.roundRobin);

src/main/java/crazypants/enderio/machine/ContainerNoInv.java

@@ -2,19 +2,25 @@
 
 import net.minecraft.entity.player.EntityPlayer;
 import net.minecraft.inventory.Container;
-import net.minecraft.inventory.IInventory;
+import net.minecraft.tileentity.TileEntity;
 
-public class ContainerNoInv extends Container {
+import crazypants.enderio.machine.gui.IContainerWithTileEntity;
 
-    private IInventory inv;
+public class ContainerNoInv extends Container implements IContainerWithTileEntity {
 
-    public ContainerNoInv(IInventory inv) {
-        super();
-        this.inv = inv;
+    private final AbstractMachineEntity tile;
+
+    public ContainerNoInv(AbstractMachineEntity tile) {
+        this.tile = tile;
     }
 
     @Override
     public boolean canInteractWith(EntityPlayer player) {
-        return inv.isUseableByPlayer(player);
+        return tile.isUseableByPlayer(player);
+    }
+
+    @Override
+    public TileEntity getTileEntity() {
+        return tile;
     }
 }

src/main/java/crazypants/enderio/machine/PacketIoMode.java

@@ -9,6 +9,7 @@
 import cpw.mods.fml.common.network.simpleimpl.IMessage;
 import cpw.mods.fml.common.network.simpleimpl.IMessageHandler;
 import cpw.mods.fml.common.network.simpleimpl.MessageContext;
+import crazypants.enderio.network.PacketUtil;
 import io.netty.buffer.ByteBuf;
 
 public class PacketIoMode implements IMessage, IMessageHandler<PacketIoMode, IMessage> {
@@ -61,6 +62,7 @@ public void fromBytes(ByteBuf buf) {
     public IMessage onMessage(PacketIoMode message, MessageContext ctx) {
         EntityPlayer player = ctx.getServerHandler().playerEntity;
         TileEntity te = player.worldObj.getTileEntity(message.x, message.y, message.z);
+        if (PacketUtil.isInvalidPacketForGui(ctx, te, getClass())) return null;
         if (te instanceof IIoConfigurable) {
             IIoConfigurable me = (IIoConfigurable) te;
             if (message.face == ForgeDirection.UNKNOWN) {

src/main/java/crazypants/enderio/machine/PacketItemBuffer.java

@@ -8,6 +8,7 @@
 import cpw.mods.fml.common.network.simpleimpl.IMessage;
 import cpw.mods.fml.common.network.simpleimpl.IMessageHandler;
 import cpw.mods.fml.common.network.simpleimpl.MessageContext;
+import crazypants.enderio.network.PacketUtil;
 import io.netty.buffer.ByteBuf;
 
 public class PacketItemBuffer implements IMessage, IMessageHandler<PacketItemBuffer, IMessage> {
@@ -47,6 +48,7 @@ public void fromBytes(ByteBuf buf) {
     public IMessage onMessage(PacketItemBuffer message, MessageContext ctx) {
         EntityPlayer player = ctx.getServerHandler().playerEntity;
         TileEntity te = player.worldObj.getTileEntity(message.x, message.y, message.z);
+        if (PacketUtil.isInvalidPacketForGui(ctx, te, getClass())) return null;
         if (te instanceof IItemBuffer) {
             ((IItemBuffer) te).setBufferStacks(message.bufferStacks);
         }

src/main/java/crazypants/enderio/machine/PacketRedstoneMode.java

@@ -6,6 +6,7 @@
 import cpw.mods.fml.common.network.simpleimpl.IMessage;
 import cpw.mods.fml.common.network.simpleimpl.IMessageHandler;
 import cpw.mods.fml.common.network.simpleimpl.MessageContext;
+import crazypants.enderio.network.PacketUtil;
 import io.netty.buffer.ByteBuf;
 
 public class PacketRedstoneMode implements IMessage, IMessageHandler<PacketRedstoneMode, IMessage> {
@@ -52,6 +53,7 @@ public void fromBytes(ByteBuf buf) {
     public IMessage onMessage(PacketRedstoneMode message, MessageContext ctx) {
         EntityPlayer player = ctx.getServerHandler().playerEntity;
         TileEntity te = player.worldObj.getTileEntity(message.x, message.y, message.z);
+        if (PacketUtil.isInvalidPacketForGui(ctx, te, getClass())) return null;
         if (te instanceof IRedstoneModeControlable) {
             IRedstoneModeControlable me = (IRedstoneModeControlable) te;
             me.setRedstoneControlMode(message.mode);

src/main/java/crazypants/enderio/machine/alloy/PacketClientState.java

@@ -5,6 +5,7 @@
 import cpw.mods.fml.common.network.simpleimpl.IMessage;
 import cpw.mods.fml.common.network.simpleimpl.IMessageHandler;
 import cpw.mods.fml.common.network.simpleimpl.MessageContext;
+import crazypants.enderio.network.PacketUtil;
 import io.netty.buffer.ByteBuf;
 
 public class PacketClientState implements IMessage, IMessageHandler<PacketClientState, IMessage> {
@@ -43,6 +44,7 @@ public void fromBytes(ByteBuf buf) {
 
     public IMessage onMessage(PacketClientState message, MessageContext ctx) {
         TileEntity te = ctx.getServerHandler().playerEntity.worldObj.getTileEntity(message.x, message.y, message.z);
+        if (PacketUtil.isInvalidPacketForGui(ctx, te, getClass())) return null;
         if (te instanceof TileAlloySmelter) {
             TileAlloySmelter me = (TileAlloySmelter) te;
             me.setMode(message.mode);

src/main/java/crazypants/enderio/machine/capbank/ContainerCapBank.java

@@ -10,15 +10,14 @@
 import net.minecraft.item.ItemStack;
 import net.minecraft.util.IIcon;
 
-import com.enderio.core.common.ContainerEnder;
-
 import cpw.mods.fml.relauncher.Side;
 import cpw.mods.fml.relauncher.SideOnly;
 import crazypants.enderio.machine.capbank.network.InventoryImpl;
+import crazypants.enderio.machine.gui.ContainerEnderTileEntity;
 import crazypants.util.BaublesUtil;
 import crazypants.util.ShadowInventory;
 
-public class ContainerCapBank extends ContainerEnder<TileCapBank> {
+public class ContainerCapBank extends ContainerEnderTileEntity<TileCapBank> {
 
     private InventoryImpl inv;