Crash exploit
TitanicFreak opened this issue · 52 comments
There is a wonderful crash bug going around in PermissionsEX currently, something that shouldn't exist.
On large servers with huge permissions.yml files, /pex promote a a, instantly crashes the server. I'm not a developer, but it seems the command just completely ignores permissions for some reason.
Please fix this and release an update ASAP. This does still work on the latest, 1.23.4.
Same issue here! When a player uses "/pex promote a a" my server insta crashes...
I'm using 1.12 paperspigot
I will need a copy of the "huge permissions.yml file" to attempt to recreate this issue, obtain any available error information printed to the console, and verify it's an actual bug.
This is the first time I'm hearing of this.
This issue first happened on our OPFactions, so we'll be providing that permissions.yml file.
You can find it here, [Edit by Stormbow: Removed permissions link to protect server Intellectual Property. The link is still in @zml2008's email.]
For logs when the crash occurred, https://hastebin.com/adodebewex.md
To reproduce it, it's simple, you just log in with an account (default permissions) and type /pex promote a a. It'll grant you a permissions error, but PEX still runs the command anyway even if the player shouldn't have permissions to PEX. Thus crashing our server.
One thing I saw in your permissions file that you may have issues with that is unrelated to the above issue:
One of your groups has the global wildcard - '*' listed above negated permission nodes. Those group members are probably not getting those negations properly because PEX reads the file from top to bottom, finds the global node, grants access to everything, and stops looking for permission to do something.
For example, the "Manager" group has the global wildcard above all of the following nodes:
- -animatednames.group.owner
- -animatednames.group.admin
- -animatednames.group.youtube
- -animatednames.group.mod
- -animatednames.group.moderator
- -animatednames.group.helper
- -animatednames.group.developer
- -animatednames.group.dev
- animatednames.group.manager
- chatformat.manager
so "Manager" group members may still have access to all of that stuff.
(The nodes animatednames.group.manager and chatformat.manager are granted after the global wildcard, and since the global gives those to users, these 2 nodes seem redundant, at a glance.)
If you notice "Manager" group members can access those negated permissions, moving the global node to the bottom of the list will fix this issue.
You're welcome. :-)
Hopefully we'll hear from @zml2008 soon about the original error.
That's rather odd, because we have tried this on several servers (including other smaller networks) and it does indeed cause a massive lag spike. Usually an instant crash if the server is big enough.
Granted we're using 1.8 on our Factions.
Tested in PEX 1.23.4, "Spigot" (not "PaperSpigot") for Minecraft 1.11.2 and I am denied access to the command if I have no PEX access or I'm informed the user is not in that ladder if I do have PEX access.
Tested in PEX 1.23.4, "Spigot" (not "PaperSpigot") for Minecraft 1.12.1 and I am denied access to the command if I have no PEX access or I'm informed the user is not in that ladder if I do have PEX access.
No errors posted to the console either.
Looks like this may only be affecting "PaperSpigot", an extremely small percentage of servers.
The autocomplete is what is causing the crash. As you can see, the autocomplete is called before the permission to even use the command is checked (line 95)
This is most likely due to a lack of resources on your "huge server". ADD MORE RAM!
On smaller servers this causes lag spikes, on bigger servers this crashes the entire server.
I've tested this on multiple versions on both regular spigot and paperspigot. This caused a "successful" crash/lagspike every time I tried.
Are all of you running these outdated/old servers (to keep the outdated combat system)?
I tested this on versions from 1.8.8 all the way to 1.12.1 and it worked every time I had a "large" permissions.yml file loaded.
The autocomplete is what is causing the crash. As you can see, the autocomplete is called before the permission to even use the command is checked (line 95)
Yep. I can read the error code that @TitanicFreak posted. ;-)
I tested this on versions from 1.8.8 all the way to 1.12.1 and it worked every time I had a big permissions.yml file loaded.
I used @TitanicFreak 's permission file on 1.11.2 and 1.12.1 and didn't get the crash.
I noticed it crashes easier when more players are online. I'm not 100% sure about this, I just kinda noticed this while testing this (although I could be wrong).
this is pretty easy to fix then what are you still debating about damn literally copy and paste the permission check to be higher than the autocomplete
I've handled thousands and thousands of posts worth of tickets and issues on this project. @zml2008 knows this. :-)
PhanaticD is only the 4th who was a total piece of garbage, and the 1st to get all his friends to try to save him after his demanding attitude, abusive language, and spamming GitHub got him banned by GitHub staff.
@Stormbow I don't think that the decision of one website-wide moderator who probably had little to no evidence nor context to go on means that PhanaticD was in the wrong, especially considering that PhanaticD made an accurate statement on the cause of the issue, yet you ignored him and had his account flagged because of... what? You got upset at him for how you interpreted his (imo perfectly acceptable) comments?
I'll just leave this here: I don't know PhanaticD and I'm certainly not a friend of his, but this is ridiculous. @ocelotpotpie @LaxWasHere I'll join you on the other side once I get flagged as well.
PS: While I was writing this, you then posted:
I've handled thousands and thousands of posts worth of tickets and issues on this project.
As of the time of posting, 604 issues. 60 of which arguably haven't been fully "handled", as they're still open.
Now show us the hundreds of thousands of post views and more than 50 pages of threads I handled when PermissionsEx was handled mostly on the Bukkit website forums.
@zml2008 is aware of all of those, and all the guides I wrote for PEX and Essentials/EssentialsX there.
Bashing me to defend your friend is not working.
@Stormbow for the record, I have no idea who PhanaticD is. I'm not their friend.
Re-reading the comments in the screenshot - PhanaticD's attitude was only "garbage" AFTER your negative response to them. The other comments in the thread just look like normal issue comments to me. I'm not sure why you think they're a "piece of garbage" and have resorted to attacking them personally, going so far as to flag their account with GitHub.
You're the only one in this thread whose behavior I've seen is a problem.
You're attacking me because someone else deserved their punishment. That's the act of the convicted's friends, a fair assumption.
Bashing me to defend your friend is not working.
I don't know who PhanaticD i- hang on, didn't I already say this?
Huh, apparently I did. Who would've guessed?
Still waiting for that "evidence" proving I haven't helped thousands and thousands of people on this project.
I'm not attacking you. I haven't flagged your account. I'm pointing out your massive overreaction to a GitHub user's posts in this issue, which resulted in you flagging their account and having their repos impacted.
How many other threads you've posted on is irrelevant. Your behavior in this thread is crappy. I hope the GitHub staff see this and resolve the issue with the person whose account you flagged just because they disagreed with you. And were not wrong.
@zml2008 has all the details. Your attacks against me are completely off topic.
As of the time of posting, 604 issues. 60 of which arguably haven't been fully "handled", as they're still open.
Almost all of the "open" tickets are assigned to @zml2008 - he is the one who handles issues regarding programming (because it's his project and he's got several years more experience with its concept and use than I have) and SQL (which I only used for 1 month on one server more than 4 years ago, and saw no benefit so I went back to a file backend).
I came to GitHub at the end of last year because the Bukkit forums were deleted without warning, and I didn't have any experience with GitHub and didn't have a system for how I would handle tickets here for quite some time.
There are currently 3 open issues assigned to me.
https://github.com/PEXPlugins/PermissionsEx/issues?q=is%3Aopen+assignee%3AStormbow
I'd say that's a pretty damn good job, especially considering a track record of resolving almost any issue in less than 4 posts from myself, and starting with virtually no important/pertinent information in 90% of the tickets.
I've been at work while a lot of this has been playing out, so I haven't been able to follow the issue well. I've talked to PhanaticD in the past and am not willing to assume they are in the wrong. Until I get back home tonight, I'd like people to send me anything they'd like to say privately since this issue has devolved into a lot of fighting and it doesn't seem like more debate would help at the moment. I'll look into what's happened and try to talk to people starting in 5-6 hours. If you'd like to talk to me, I'm zml#5963 on discord and I'll take calls from people involved who want to talk to me once I get home (5-6hrs from now)
this is pretty easy to fix then what are you still debating about damn literally copy and paste the permission check to be higher than the autocomplete
Understandably, @zml2008 doesn't patch for outdated servers and issues he can't recreate.
If people are keeping the outdated servers because of game mechanics (combat, 99.9% of the time), I'd recommend updating and using the plugin(s) which give them the outdated combat system back.
@TitanicFreak @SirKillian : Have you guys cleaned your permissions file lately? If the length of the file truly had anything to do with the crash, that may help.
/pex users cleanup <group> [threshold]
Purge user records, in the specified group, whose last logins were
before the threshold (in days). By default threshold is 30 days.
For one, I am not using an outdated version, I am on 1.12, and two, the issue is in the pex software... it's irrelevant if someone is on 1.8
For one, I am not using an outdated version, I am on 1.12, and two, the issue is in the pex software... it's irrelevant if someone is on 1.8
Your attitude is extremely relevant, however.
We just fixed it with:
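import org.bukkit.entity.Player;
import org.bukkit.event.EventHandler;
import org.bukkit.event.player.PlayerCommandPreprocessEvent;

// Workaround: reject the command before PEX ever parses it.
@EventHandler(ignoreCancelled = true)
public void onCommand(PlayerCommandPreprocessEvent e) {
    Player p = e.getPlayer();
    // Command labels are matched case-insensitively, so normalise before comparing.
    String msg = e.getMessage().toLowerCase();
    if (msg.startsWith("/pex promote") && !p.hasPermission("permissions.user.promote")) {
        p.sendMessage("§cSorry, you don't have enough permissions.");
        e.setCancelled(true);
    }
}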
Kinda stupid that nobody here believes how it's a real issue :/
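The ordering problem reported in this thread (argument autocompletion running before the permission check), as an added example that is not part of the original thread and is not PermissionsEx or Bukkit code. It is a constructed model: every class and method name is hypothetical, the user list is generated sample data, and only the permission node string is taken from the workaround above.

```java
import java.util.ArrayList;
import java.util.List;

// Constructed model of "expensive work before authorization".
// None of these names are PermissionsEx or Bukkit APIs.
public class CheckOrderDemo {
    interface Sender { boolean hasPermission(String node); }

    static int scans = 0; // counts full passes over the user store

    // Stand-in for argument autocompletion: walks every known user name.
    static String autoComplete(String prefix, List<String> users) {
        scans++;
        String match = prefix;
        for (String u : users) {
            if (u.startsWith(prefix)) match = u;
        }
        return match;
    }

    // Problem order: the costly lookup runs for any sender, then access is checked.
    static String promoteUnsafe(Sender s, String arg, List<String> users) {
        String user = autoComplete(arg, users);
        if (!s.hasPermission("permissions.user.promote")) return "denied";
        return "promoted " + user;
    }

    // Corrected order: unauthorized senders are rejected at constant cost.
    static String promoteSafe(Sender s, String arg, List<String> users) {
        if (!s.hasPermission("permissions.user.promote")) return "denied";
        return "promoted " + autoComplete(arg, users);
    }

    public static void main(String[] args) {
        List<String> users = new ArrayList<>();
        for (int i = 0; i < 200_000; i++) users.add("a_user" + i); // constructed data
        Sender guest = node -> false; // default player with no PEX access

        System.out.println(promoteUnsafe(guest, "a", users) + ", scans=" + scans);
        scans = 0;
        System.out.println(promoteSafe(guest, "a", users) + ", scans=" + scans);
    }
}
```

Both variants answer "denied" to the guest; the difference is whether the full scan of the user store happened first, which is the cost that grows with the size of permissions.yml.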
my attitude? lol you are the one giving out all sorts of bullshit to everyone for a simple fix to a major problem
Kinda stupid that nobody here believes how it's a real issue :/
Let's see...
3 people saying it happens to them on everything.
1 person posted nonsense which had nothing to do with the topic at hand.
1 person that can't recreate the issue and has not said it does not exist.
How many people does that make which don't believe it's a real issue?
And @PhanaticD cussing at me, the NOT PROGRAMMER, who is trying to help.
All of you can piss off, then.
Opening further threads for this issue will find them immediately locked.
@zml2008 has received all of these posts in email. If he wants to do something for it, he will.
Now that PhanaticD has been banned from GitHub, I can reopen this for @zml2008 to see in the open tickets instead of just through labels.
Sorry for the disturbance guys.
If you guys have any additional info that you think may help, you can post it here now too.
Thanks, @SirKillian for the code. It means nothing to me since I don't program PEX, but is likely to mean something to @zml2008.
This looks like PhanaticD was correct, especially since the PR has been re-opened.
@Stormbow Did you close this PR, report PhanaticD and have his comments removed, and then RE-OPEN this PR later?
That's pretty petty. Maybe just admit you over-reacted and then reported a user for no reason?
inb4 I get reported, too.
Someone who isn't a developer flaming someone for suggesting a simple fix? @zml2008 you need someone better to handle issues.
PhanaticD was right and to get his account flagged and all his issues on countless other open projects, issues that could very well be as serious as this one just so you can have your silly win, well, that's just a dick move on your part.
inb4 I get reported, too.
This is a legitimate issue. I've been super busy irl lately. Stormbow, could you pm me on bukkitdev with your side of the story pls
The comments were deleted by Emery of GitHub staff.
Their investigation determined that PhanaticD was abusing this website.
@Stormbow So you didn't flag him because of this thread?