Sending malformed NBT tags to the server can cause a crash.

When an NBTTagCompound is loaded from a java.io.DataInput it loops through all of the bytes. During each iteration of the loop it reads in the NBT key and then reads in the value. The problematic point is the reading of the key. The function used is readUTF. This reads in the string in Modified-UTF-8. If the bytes of a char are malformed (I won't explain how because I don't entirely understand it, but basically you can just read the JavaDoc for java.io.DataInput#readUTF()) it will throw an exception, which is potentially caught by a function that will throw a different, fatal, exception. A modified client could override the writeUTF function to write malformed NBT data which could cause the server to crash.

My solution was to wrap the reading of the key in a try-catch statement, and if the exception is caught, clear the tag map and break from the loop.