Limit max size of subscription codec#13943
Conversation
|
I think we should set the value in the configuration settings and disable it by default |
Could you clarify when this limit would need to be disabled or changed? The current vanilla debug subscription count is 16, so 64 seems safe above the expected value while still preventing abusive decode sizes. I am not sure Paper's global configuration is guaranteed to be loaded before this codec is initialized. |
|
Given this is a debug feature, I believe having it limited by default is fine. General making exploit fixes opt-in somewhat defeats their purpose imo |
|
Thank you for your PR! Yeah, this does not need to be configurable. |
|
This seems to be patched by Mojang in 26.2, should this be backported to old versions? |
Owen1212055
force-pushed
the
fix/limit-subscription-size
branch
from
27ce222 to
5e7a5f9
Compare
Owen1212055
force-pushed
the
fix/limit-subscription-size
branch
from
5e7a5f9 to
591dc20
Compare
github-project-automation
Bot
moved this from Awaiting review
to Merged
in Paper PR Queue
|
Can a player without OP permissions exploit this? If so, why is this debug feature allowed for players without OP permissions? |
This works on the netty level, permissions are not checked yet when decoding packets. |
5 participants
Description
This PR adds a maximum size limit to the
ServerboundDebugSubscriptionRequestPacketcodec.Debug subscription packets are known to be abused by hack clients, in local testing, one client was able to fully occupy at least one Netty IO thread on a high-end system without triggering Paper's packet limiter.
Fix
Requests containing more than 64 subscriptions are now rejected and disconnect the client with a DecoderException to avoid excessive CPU usage and memory alloc.
The max size should be changed once Mojang adds more subscriptions in DebugSubscriptions. (currently the total count of subscriptions is 16 tho)