mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-07-10 18:43:07 +00:00
53 lines
2 KiB
Python
53 lines
2 KiB
Python
#!/usr/bin/env python
|
|
|
|
"""
|
|
Copyright (c) 2006-2026 sqlmap developers (https://sqlmap.org)
|
|
See the file 'LICENSE' for copying permission
|
|
"""
|
|
|
|
import re
|
|
|
|
from lib.core.common import Backend
|
|
from lib.core.convert import getBytes
|
|
from lib.core.data import conf
|
|
from lib.core.enums import DBMS
|
|
from lib.core.exception import SqlmapUndefinedMethod
|
|
|
|
class Syntax(object):
|
|
"""
|
|
This class defines generic syntax functionalities for plugins.
|
|
"""
|
|
|
|
def __init__(self):
|
|
pass
|
|
|
|
@staticmethod
|
|
def _escape(expression, quote=True, escaper=None):
|
|
retVal = expression
|
|
|
|
if quote:
|
|
# Match a full SQL string literal, honouring the '' (doubled single quote) escape - e.g.
|
|
# 'a''b' is ONE literal whose value is a'b, not 'a'' followed by a dangling b'. The old
|
|
# r"'[^']*'+" split on the inner '' and left the tail bare, corrupting the encoded payload.
|
|
for item in re.findall(r"'(?:[^']|'')*'", expression):
|
|
value = item[1:-1].replace("''", "'") # inner content with '' collapsed to the real quote
|
|
if value:
|
|
if Backend.isDbms(DBMS.SQLITE) and "X%s" % item in expression:
|
|
continue
|
|
if re.search(r"\[(SLEEPTIME|RAND)", value) is None: # e.g. '[SLEEPTIME]' marker
|
|
replacement = escaper(value) if not conf.noEscape else value
|
|
|
|
if replacement != value:
|
|
retVal = retVal.replace(item, replacement)
|
|
elif len(value) != len(getBytes(value)) and "n%s" % item not in retVal and Backend.getDbms() in (DBMS.MYSQL, DBMS.PGSQL, DBMS.ORACLE, DBMS.MSSQL):
|
|
retVal = retVal.replace(item, "n%s" % item)
|
|
else:
|
|
retVal = escaper(expression)
|
|
|
|
return retVal
|
|
|
|
@staticmethod
|
|
def escape(expression, quote=True):
|
|
errMsg = "'escape' method must be defined "
|
|
errMsg += "inside the specific DBMS plugin"
|
|
raise SqlmapUndefinedMethod(errMsg)
|