data.go: introduced DeviceID formats.#378
Merged
Sandertv merged 28 commits intoSandertv:masterfrom Feb 5, 2026
Merged
Conversation
Introduces validation for string fields, array sizes, and device IDs in ClientData to prevent malformed or malicious input. Device ID validation now supports multiple formats based on device model, including GUID, Base64, and BigInt hex. These checks help prevent server crashes and ensure data integrity.
Add DeviceIDFormat and DeviceID types to allow for parsing of the DeviceID which can be used by the user to manually validate devices as we currently don't have a large enough dataset to fully document expected formats. Change default DeviceID to BigInt instead of UUID as it is more standard. Remove strict DeviceID format checks and instead introduced parsing.
TrippleAWap
changed the title
Owner
|
I would much rather we do specific checks for each individual field as opposed to blanket checks using reflection. These are slow, hard to read and not as strict as they should be in many places. |
Contributor
Author
that seems fair, i'll remove the reflection based checks then. What about the introduction of DeviceIDFormat? |
Owner
|
Definitely not opposed to more documentation and checks on the device ID. I think the introduction of DeviceIDFormat is a good idea. |
Changed methods to take a reference as copying is expensive.
Added length restrictions so we don't do expensive checks that most likely aren't needed. Without this a targeted attack could easily abuse this check.
TrippleAWap
changed the title
Contributor
Author
|
Now the current structure I have for the errors related to validating the persona isn't something I believe you'd be happy with merging but I honestly don't know how I should structure this. If you could let me know I'll gladly change it! |
Updated DeviceIDFormat enum to distinguish between upper and lower hex string formats, removed BigInt format, and improved the DeviceID.Format() method to more accurately detect device ID formats based on decoded length and character case. Updated documentation to clarify mapping between DeviceOS and DeviceIDFormat.
This comment was marked as resolved.
This comment was marked as resolved.
Changed BuildPlatform fields in AddPlayer and PlayerListEntry structs from int32 to the DeviceOS type for improved type safety and clarity. Updated related marshaling code and imports accordingly.
Contributor
Author
|
I'm happy with how this is now, if you have anything you would like me to change please let me know! |
TrippleAWap
changed the title
TwistedAsylumMC
requested changes
Jan 12, 2026
Reverted protocol changes. Updated DeviceID format validation to check for 16-byte hex strings. Cleaned up imports and improved comments for clarity. PS. All checks have now been tested with a test file that was later removed.
Added a descriptive comment above the Format method of DeviceID to clarify its purpose and behavior.
Contributor
Author
|
Everything here should be good now, let me know if there's anything else! :) |
TwistedAsylumMC
approved these changes
Jan 12, 2026
Introduces DeviceIDFormatUnknown to distinguish undetermined formats from invalid ones. Updates the Format method to return Unknown when no format is matched and Invalid when constraints are not met. Adds a String method for DeviceIDFormat and an Expected method to determine the expected DeviceID format based on DeviceOS.
Contributor
Author
|
Last commit was more of a QOL change, if you guys have any issues with it let me know! |
Changed Conn.ClientData to return a pointer to ClientData. Refactored DeviceIDFormat to remove the Unknown variant, updated String() and Format() methods to use Invalid as the default for unknown formats, and adjusted related logic for consistency.
Updated the DeviceIDFormat.String() method to return 'Invalid' instead of 'Unknown' for unrecognized values, ensuring consistency in error handling.
Introduces a ShouldAccept function field to the Listener struct, allowing custom logic to accept or reject incoming connections. If ShouldAccept is set and returns false, the connection is rejected and a log message is printed.
This reverts commit 5911791.
The 'log' package import was unused in minecraft/listener.go and has been removed to clean up the code.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Introduces validation for string fields, array sizes, and device IDs in ClientData to prevent malformed or malicious input. Device ID validation now supports multiple formats based on device model, including GUID, Base64, and BigInt hex. These checks help prevent server crashes and ensure data integrity.