mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-07-10 10:33:09 +00:00
Minor patch
This commit is contained in:
parent
f65dc92b1e
commit
89ddc5a592
3 changed files with 14 additions and 9 deletions
|
|
@ -20,7 +20,7 @@ from lib.core.enums import OS
|
|||
from thirdparty import six
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.10.7.37"
|
||||
VERSION = "1.10.7.38"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
|||
|
|
@ -16,6 +16,8 @@ class Syntax(GenericSyntax):
|
|||
True
|
||||
>>> Syntax.escape(u"SELECT 'abcd\xebfgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||NCHR(235)||CHR(102)||CHR(103)||CHR(104) FROM foobar"
|
||||
True
|
||||
>>> Syntax.escape("SELECT 'a''b' FROM DUAL") == "SELECT CHR(97)||CHR(39)||CHR(98) FROM DUAL"
|
||||
True
|
||||
"""
|
||||
|
||||
def escaper(value):
|
||||
|
|
|
|||
|
|
@ -26,18 +26,21 @@ class Syntax(object):
|
|||
retVal = expression
|
||||
|
||||
if quote:
|
||||
for item in re.findall(r"'[^']*'+", expression):
|
||||
original = item[1:-1]
|
||||
if original:
|
||||
# Match a full SQL string literal, honouring the '' (doubled single quote) escape - e.g.
|
||||
# 'a''b' is ONE literal whose value is a'b, not 'a'' followed by a dangling b'. The old
|
||||
# r"'[^']*'+" split on the inner '' and left the tail bare, corrupting the encoded payload.
|
||||
for item in re.findall(r"'(?:[^']|'')*'", expression):
|
||||
value = item[1:-1].replace("''", "'") # inner content with '' collapsed to the real quote
|
||||
if value:
|
||||
if Backend.isDbms(DBMS.SQLITE) and "X%s" % item in expression:
|
||||
continue
|
||||
if re.search(r"\[(SLEEPTIME|RAND)", original) is None: # e.g. '[SLEEPTIME]' marker
|
||||
replacement = escaper(original) if not conf.noEscape else original
|
||||
if re.search(r"\[(SLEEPTIME|RAND)", value) is None: # e.g. '[SLEEPTIME]' marker
|
||||
replacement = escaper(value) if not conf.noEscape else value
|
||||
|
||||
if replacement != original:
|
||||
if replacement != value:
|
||||
retVal = retVal.replace(item, replacement)
|
||||
elif len(original) != len(getBytes(original)) and "n'%s'" % original not in retVal and Backend.getDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.ORACLE, DBMS.MSSQL):
|
||||
retVal = retVal.replace("'%s'" % original, "n'%s'" % original)
|
||||
elif len(value) != len(getBytes(value)) and "n%s" % item not in retVal and Backend.getDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.ORACLE, DBMS.MSSQL):
|
||||
retVal = retVal.replace(item, "n%s" % item)
|
||||
else:
|
||||
retVal = escaper(expression)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue