fix(rooms): bound rights removal batches

simoleo89
2026-06-14 15:59:56 +02:00
parent 8e21765676
commit df2a849adc
2 changed files with 41 additions and 0 deletions
@@ -3,8 +3,12 @@ package com.eu.habbo.messages.incoming.rooms.users;
import com.eu.habbo.habbohotel.permissions.Permission;
import com.eu.habbo.habbohotel.rooms.Room;
import com.eu.habbo.messages.incoming.MessageHandler;
import com.eu.habbo.util.PacketGuard;
public class RoomUserRemoveRightsEvent extends MessageHandler {
private static final int MAX_RIGHTS_REMOVALS = 100;
private static final int BYTES_PER_USER_ID = 4;
@Override
public void handle() throws Exception {
int amount = this.packet.readInt();
@@ -15,6 +19,11 @@ public class RoomUserRemoveRightsEvent extends MessageHandler {
return;
if (room.getOwnerId() == this.client.getHabbo().getHabboInfo().getId() || this.client.getHabbo().hasPermission(Permission.ACC_ANYROOMOWNER)) {
if (!PacketGuard.isCountInRange(amount, 1, MAX_RIGHTS_REMOVALS)
|| !PacketGuard.hasFixedWidthEntries(this.packet, amount, BYTES_PER_USER_ID)) {
return;
}
for (int i = 0; i < amount; i++) {
int userId = this.packet.readInt();
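Review bot: The new guard inside the owner/permission branch rejects an out-of-range or truncated batch with a bare `return;`, so a client that keeps sending malformed rights-removal packets leaves no trace for operators. Consider recording the rejection through whatever logger the project already uses, with the sender's id and the claimed `amount`, and rate-limit it so the log cannot itself be flooded. The two constants and the condition also deserve a short comment, for example `// count is range-checked first so the payload-size check only ever sees a small, positive amount`; PacketGuard is not visible here, so that the `||` order matters is an inference. handle() begins before this hunk and its loop body continues past it.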
@@ -0,0 +1,32 @@
package com.eu.habbo.messages.incoming.rooms.users;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import org.junit.jupiter.api.Test;
class RoomUserRemoveRightsContractTest {
private static final Path SOURCE = Path.of(
"src/main/java/com/eu/habbo/messages/incoming/rooms/users/RoomUserRemoveRightsEvent.java");
@Test
void removeRightsBatchIsBoundedAndRequiresCompletePayload() throws IOException {
String source = Files.readString(SOURCE);
assertTrue(source.contains("private static final int MAX_RIGHTS_REMOVALS = 100;"));
assertTrue(source.contains("PacketGuard.isCountInRange(amount, 1, MAX_RIGHTS_REMOVALS)"));
assertTrue(source.contains("PacketGuard.hasFixedWidthEntries(this.packet, amount, BYTES_PER_USER_ID)"));
int guardIndex = source.indexOf("PacketGuard.isCountInRange(amount, 1, MAX_RIGHTS_REMOVALS)");
int payloadIndex = source.indexOf("PacketGuard.hasFixedWidthEntries(this.packet, amount, BYTES_PER_USER_ID)");
int readIndex = source.indexOf("int userId = this.packet.readInt();");
int removeIndex = source.indexOf("room.removeRights(userId);");
assertTrue(guardIndex < readIndex, "batch size should be validated before reading user ids");
assertTrue(payloadIndex < readIndex, "payload length should be validated before reading user ids");
assertTrue(readIndex < removeIndex, "rights should only be removed after reading a validated user id");
}
}
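Review bot: This test asserts on the text of RoomUserRemoveRightsEvent.java rather than on what handle() does, so it would still pass if the guard sat in an unreachable branch or an extra `readInt()` were added ahead of it, and it breaks on any reformatting or rename. A behavioural test would be stronger evidence for the bound: drive the handler with a count of 101 and with a payload shorter than `amount * 4` bytes, and assert that no rights are removed. If the source-scan approach stays, add explicit presence checks such as `assertTrue(readIndex >= 0, "user id read not found");` and `assertTrue(removeIndex >= 0, "removeRights call not found");` so a missing line fails with an accurate message instead of an ordering one. The relative `SOURCE` path also assumes the test runs from the module root.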