PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

update regarding safe character output together with a small fix for newlines

Browse Source
This commit is contained in:
Miroslav Stampar
2011-04-14 09:31:45 +00:00
parent 5dfb55effc
commit 04986be4b9
5 changed files with 16 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/core/convert.py
View File

@@ -134,20 +134,22 @@ def htmlescape(value):
def htmlunescape(value):
return value.replace('&amp;', '&').replace('&lt;', '<').replace('&gt;', '>').replace('&quot;', '"').replace('&#39;', "'").replace('&nbsp;', ' ')
def safehexencode(value):
def safecharencode(value):
"""
Returns safe hex representation of a given basestring value
Returns safe representation of a given basestring value
>>> safehexencode(u'test123')
>>> safecharencode(u'test123')
u'test123'
>>> safehexencode(u'test\x01\x02\xff')
>>> safecharencode(u'test\x01\x02\xff')
u'test\\01\\02\\03\\ff'
"""
retVal = value
if isinstance(value, basestring):
retVal = reduce(lambda x, y: x + (y if (y in string.printable or ord(y) > 255) else '\%02x' % ord(y)), value, unicode())
for char in "\t\n\r\x0b\x0c":
retVal = retVal.replace(char, repr(char).strip('\''))
elif isinstance(value, list):
for i in xrange(len(value)):
retVal[i] = safehexencode(value[i])
retVal[i] = safecharencode(value[i])
return retVal