Improve network security (#2152)

Add missing cheat guard to item deletion

src/main/java/mezz/jei/network/PacketHandler.java

@@ -45,7 +45,7 @@ public void onPacket(NetworkEvent.ClientCustomPayloadEvent event) {
 			PacketIdServer packetId = PacketIdServer.VALUES[packetIdOrdinal];
 			IPacketJeiHandler packetHandler = serverHandlers.get(packetId);
 			packetHandler.readPacketData(packetBuffer, player);
-		} catch (RuntimeException e) {
+		} catch (Throwable e) {
 			LOGGER.error("Packet error for event: {}", event, e);
 		}
 		event.getSource().get().setPacketHandled(true);

src/main/java/mezz/jei/network/PacketHandlerClient.java

@@ -35,7 +35,7 @@ public void onPacket(NetworkEvent.ServerCustomPayloadEvent event) {
 			if (player != null) {
 				packetHandler.readPacketData(packetBuffer, player);
 			}
-		} catch (Exception e) {
+		} catch (Throwable e) {
 			LOGGER.error("Packet error", e);
 		}
 		event.getSource().get().setPacketHandled(true);

src/main/java/mezz/jei/network/packets/PacketDeletePlayerItem.java

@@ -1,12 +1,13 @@
 package mezz.jei.network.packets;
 
+import mezz.jei.network.IPacketId;
+import mezz.jei.network.PacketIdServer;
+import mezz.jei.util.CommandUtilServer;
 import net.minecraft.entity.player.PlayerEntity;
 import net.minecraft.item.Item;
 import net.minecraft.item.ItemStack;
 import net.minecraft.network.PacketBuffer;
-
-import mezz.jei.network.IPacketId;
-import mezz.jei.network.PacketIdServer;
+import net.minecraftforge.registries.ForgeRegistries;
 
 public class PacketDeletePlayerItem extends PacketJei {
 	private final ItemStack itemStack;
@@ -22,16 +23,16 @@ public IPacketId getPacketId() {
 
 	@Override
 	public void writePacketData(PacketBuffer buf) {
-		int itemId = Item.getIdFromItem(itemStack.getItem());
-		buf.writeShort(itemId);
+		buf.writeRegistryIdUnsafe(ForgeRegistries.ITEMS, itemStack.getItem());
 	}
 
 	public static void readPacketData(PacketBuffer buf, PlayerEntity player) {
-		int itemId = buf.readShort();
-		Item item = Item.getItemById(itemId);
-		ItemStack playerItem = player.inventory.getItemStack();
-		if (!playerItem.isEmpty() && playerItem.getItem() == item) {
-			player.inventory.setItemStack(ItemStack.EMPTY);
+		Item item = buf.readRegistryIdUnsafe(ForgeRegistries.ITEMS);
+		if (CommandUtilServer.hasPermission(player)) {
+			ItemStack playerItem = player.inventory.getItemStack();
+			if (playerItem.getItem() == item) {
+				player.inventory.setItemStack(ItemStack.EMPTY);
+			}
 		}
 	}
 }

src/main/java/mezz/jei/network/packets/PacketRecipeTransfer.java

@@ -56,22 +56,22 @@ public void writePacketData(PacketBuffer buf) {
 
 	public static void readPacketData(PacketBuffer buf, PlayerEntity player) {
 		int recipeMapSize = buf.readVarInt();
-		Map<Integer, Integer> recipeMap = new HashMap<>(recipeMapSize);
+		Map<Integer, Integer> recipeMap = new HashMap<>();
 		for (int i = 0; i < recipeMapSize; i++) {
 			int slotIndex = buf.readVarInt();
 			int recipeItem = buf.readVarInt();
 			recipeMap.put(slotIndex, recipeItem);
 		}
 
 		int craftingSlotsSize = buf.readVarInt();
-		List<Integer> craftingSlots = new ArrayList<>(craftingSlotsSize);
+		List<Integer> craftingSlots = new ArrayList<>();
 		for (int i = 0; i < craftingSlotsSize; i++) {
 			int slotIndex = buf.readVarInt();
 			craftingSlots.add(slotIndex);
 		}
 
 		int inventorySlotsSize = buf.readVarInt();
-		List<Integer> inventorySlots = new ArrayList<>(inventorySlotsSize);
+		List<Integer> inventorySlots = new ArrayList<>();
 		for (int i = 0; i < inventorySlotsSize; i++) {
 			int slotIndex = buf.readVarInt();
 			inventorySlots.add(slotIndex);