overflow (int32) decode an nbt (schematic file) with very large number of blocks (3192890994=35011944701)

Question

overflow (int32) decode an nbt (schematic file) with very large number of blocks (3192890994=35011944701)

CMA2401PT opened this issue 2 years ago · 5 comments

overflow when decode an nbt (schematic file) with very large number of blocks (3192890994=35011944701)

at nbt/decode.go ,line 190:

case TagByteArray:
aryLen, err := d.readInt32() <- overflow here, get -1102076302= 0xbe4fa672(int32), but expected to be 3192890994 = 0xbe4fa672(uint32)

    if err != nil {
        return err
    }
    if aryLen < 0 { <- then error
        return errors.New("byte array len less than 0")
    }

version is go-mc@1.7.0, but it seems current version has same error since it still reads an int32

could you please consider change it to an uint32?
something like:
aryLenInt32, err := d.readInt32()
aryLenInt:=uint32(aryLenInt32)

Answer 1 · 2022-08-11T09:48:21.000Z

It could be changed. But are you sure it can solve the problem you meet? Such a large array?

Answer 2 · 2022-08-11T09:52:37.000Z

According to https://wiki.vg/NBT, the TAG_Byte_Array prefixes a signed integer.

Answer 3 · 2022-08-11T09:53:42.000Z

yes, already solved
if it is necessary, I can send the schematic file to you

here is the commit in the relevant project:

https://github.com/LNSSPsd/PhoenixBuilder/commit/73b40cb45f3dd0ae1f3f7648153cc12a3b289c0c
bouldev/phoenixbuilder-depends#2

Answer 4 · 2022-08-11T10:31:00.000Z

Can other nbt implement handle your file?

Answer 5 · 2022-08-11T11:31:19.000Z

you are right, it seems that the author of this schematic file omit the standard you mentioned to save such large area… sorry for this issue