diff --git a/src/com/hypixel/hytale/storage/IndexedStorageFile.java b/src/com/hypixel/hytale/storage/IndexedStorageFile.java index 5ba83e7f..218abc5c 100644 --- a/src/com/hypixel/hytale/storage/IndexedStorageFile.java +++ b/src/com/hypixel/hytale/storage/IndexedStorageFile.java @@ -426,7 +426,7 @@ public class IndexedStorageFile implements Closeable { ByteBuffer blobHeaderBuffer; try { int firstSegmentIndex = this.mappedBlobIndexes.getInt(indexPos); - if (firstSegmentIndex != 0) { + if (firstSegmentIndex > 0) { // Changed from != 0 to > 0 to reject negative indices blobHeaderBuffer = this.readBlobHeader(firstSegmentIndex); srcLength = blobHeaderBuffer.getInt(SRC_LENGTH_OFFSET); int compressedLength = blobHeaderBuffer.getInt(COMPRESSED_LENGTH_OFFSET); @@ -458,7 +458,7 @@ public class IndexedStorageFile implements Closeable { int srcLength; try { int firstSegmentIndex = this.mappedBlobIndexes.getInt(indexPos); - if (firstSegmentIndex == 0) { + if (firstSegmentIndex <= 0) { // Changed from == 0 to <= 0 to reject negative indices return; } @@ -509,8 +509,16 @@ public class IndexedStorageFile implements Closeable { } } + private static final int MAX_COMPRESSED_LENGTH = 256 * 1024 * 1024; // 256MB max to prevent OOM + @Nonnull protected ByteBuffer readSegments(int firstSegmentIndex, int compressedLength) throws IOException { + if (compressedLength <= 0 || compressedLength > MAX_COMPRESSED_LENGTH) { + throw new IOException("Invalid compressed length: " + compressedLength); + } + if (firstSegmentIndex <= 0) { + throw new IOException("Invalid segment index: " + firstSegmentIndex); + } ByteBuffer buffer = allocateDirect(compressedLength); long segmentPosition = this.segmentPosition(firstSegmentIndex); if (this.fileChannel.read(buffer, segmentPosition + BLOB_HEADER_LENGTH) != compressedLength) {