PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

minor check added for invalid urls (e.g. deliberately too long)

Browse Source
This commit is contained in:
Miroslav Stampar
2012-01-07 16:06:18 +00:00
parent 164c8a4020
commit a675c88894
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/core/common.py
View File

@@ -1248,7 +1248,12 @@ def parseTargetUrl():
conf.path = __urlSplit[2].strip()
conf.hostname = __hostnamePort[0].strip()
if any((re.search(r'\s', conf.hostname), '..' in conf.hostname, conf.hostname.startswith('.'))):
try:
_ = conf.hostname.encode("idna")
except UnicodeError:
_ = None
if any((_ is None, re.search(r'\s', conf.hostname), '..' in conf.hostname, conf.hostname.startswith('.'))):
errMsg = "invalid target url"
raise sqlmapSyntaxException, errMsg