PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

introduced safe string formatting

Browse Source
This commit is contained in:
Miroslav Stampar
2010-01-15 16:06:59 +00:00
parent dcf0b2a3c1
commit 5f171340f5
5 changed files with 31 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/core/common.py
View File

@@ -41,6 +41,7 @@ from lib.core.data import queries
from lib.core.data import temp
from lib.core.convert import urlencode
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import IS_WIN
from lib.core.settings import SQL_STATEMENTS
from lib.core.settings import VERSION_STRING
@@ -847,3 +848,20 @@ def normalizePath(path):
else:
retVal = ntpath.normpath(path)
return retVal
def safeStringFormat(formatStr, params):
index = 0
count = 0
retVal = formatStr.replace('%d', '%s')
while index !=- 1:
index = retVal.find('%s')
if index != -1:
if count < len(params):
retVal = retVal[:index] + str(params[count]) + retVal[index+2:]
else:
raise sqlmapNoneDataException, "wrong number of parameters during string formatting"
count += 1
return retVal