PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

safe decoding values going into --replicate (as we should have a "replicate" and sqlite3 supports all chars)

Browse Source
This commit is contained in:
Miroslav Stampar
2011-04-14 13:53:56 +00:00
parent 30bfefd638
commit eafab03d99
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/replication.py
View File

@@ -7,6 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.convert import safechardecode
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapValueException
@@ -63,8 +64,9 @@ class Replication:
"""
This function is used for inserting row(s) into current table.
"""
if len(values) == len(self.columns):
self.parent.cursor.execute('INSERT INTO %s VALUES (%s)' % (self.name, ','.join(['?']*len(values))), values)
self.parent.cursor.execute('INSERT INTO %s VALUES (%s)' % (self.name, ','.join(['?']*len(values))), safechardecode(values))
else:
errMsg = "wrong number of columns used in replicating insert"
raise sqlmapValueException, errMsg