Potential bug fix (escaping formatted regular expressions)

Miroslav Stampar
2014-10-28 14:02:55 +01:00
parent 268e774087
commit 3b3b8d4ef2
6 changed files with 15 additions and 15 deletions


@@ -1286,7 +1286,7 @@ def expandAsteriskForColumns(expression):
if expression != conf.query:
conf.db = db
else:
expression = re.sub(r"([^\w])%s" % conf.tbl, "\g<1>%s.%s" % (conf.db, conf.tbl), expression)
expression = re.sub(r"([^\w])%s" % re.escape(conf.tbl), "\g<1>%s.%s" % (conf.db, conf.tbl), expression)
else:
conf.db = db
conf.db = safeSQLIdentificatorNaming(conf.db)
@@ -2503,11 +2503,11 @@ def removeDynamicContent(page):
if prefix is None and suffix is None:
continue
elif prefix is None:
page = re.sub(r'(?s)^.+%s' % suffix, suffix, page)
page = re.sub(r'(?s)^.+%s' % re.escape(suffix), suffix, page)
elif suffix is None:
page = re.sub(r'(?s)%s.+$' % prefix, prefix, page)
page = re.sub(r'(?s)%s.+$' % re.escape(prefix), prefix, page)
else:
page = re.sub(r'(?s)%s.+%s' % (prefix, suffix), '%s%s' % (prefix, suffix), page)
page = re.sub(r'(?s)%s.+%s' % (re.escape(prefix), re.escape(suffix)), '%s%s' % (prefix, suffix), page)
return page
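Review bot: The replacement arguments in removeDynamicContent are still handed to re.sub() as templates: `suffix`, `prefix` and `'%s%s' % (prefix, suffix)` go in unescaped, so a backslash in either marker is parsed as an escape or group reference and can raise `re.error` or change the substituted text. This commit escapes only the pattern side. If the markers are taken from response bodies (not visible in the hunk), that input is remote-controlled; a callable replacement skips template parsing, e.g. `page = re.sub(r'(?s)^.+%s' % re.escape(suffix), lambda _: suffix, page)`. The same applies to `"\g<1>%s.%s" % (conf.db, conf.tbl)` in expandAsteriskForColumns, where `\g` also sits in a non-raw string literal. Both function bodies begin outside their hunks.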


@@ -233,7 +233,7 @@ def _feedTargetsDict(reqFile, addedTargetUrls):
for match in re.finditer(BURP_XML_HISTORY_REGEX, content, re.I | re.S):
port, request = match.groups()
request = request.decode("base64")
_ = re.search(r"%s:.+" % HTTP_HEADER.HOST, request)
_ = re.search(r"%s:.+" % re.escape(HTTP_HEADER.HOST), request)
if _:
host = _.group(0).strip()
if not re.search(r":\d+\Z", host):
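Review bot: The Host lookup `re.search(r"%s:.+" % re.escape(HTTP_HEADER.HOST), request)` is unanchored and case-sensitive, so it can match the tail of another header name (for example `X-Forwarded-Host:`) or text in the request body, and it misses a lower-case `host:`. Because the request is decoded from an imported Burp history file, a wrong match would silently set the wrong target host. Anchoring to a line start and ignoring case tightens it: `_ = re.search(r"(?im)^%s:.+" % re.escape(HTTP_HEADER.HOST), request)`. This assumes HTTP_HEADER.HOST is the bare header name, which the hunk does not show; _feedTargetsDict continues outside the hunk.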