PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Potential patch for an Issue #914

Browse Source
This commit is contained in:
Miroslav Stampar
2014-11-10 14:51:31 +01:00
parent cdbfb17408
commit dfa8e0456d
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/core/common.py
View File

@@ -1544,13 +1544,14 @@ def safeStringFormat(format_, params):
elif not isListLike(params):
retVal = retVal.replace("%s", str(params), 1)
else:
count, index = 0, 0
if retVal.count("%s") == len(params):
while index != -1:
index = retVal.find("%s")
if index != -1:
retVal = retVal[:index] + getUnicode(params[count]) + retVal[index + 2:]
count += 1
start, end = 0, len(retVal)
match = re.search(r"%s(.+)%s" % (PAYLOAD_DELIMITER, PAYLOAD_DELIMITER), retVal)
if match and PAYLOAD_DELIMITER not in match.group(1):
start, end = match.start(), match.end()
if retVal.count("%s", start, end) == len(params):
for param in params:
index = retVal.find("%s", start)
retVal = retVal[:index] + getUnicode(param) + retVal[index + 2:]
else:
count = 0
while True: