sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-02 20:54:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Probable fix for an Issue #788

Browse Source
This commit is contained in:
Miroslav Stampar 2014-08-13 14:01:57 +02:00
parent 5436635acb
commit 0a74ae736f
1 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
lib/core/common.py
View File

@ -1512,15 +1512,24 @@ def safeStringFormat(format_, params):
retVal = retVal.replace("%s", str(params), 1) retVal = retVal.replace("%s", str(params), 1)
else: else:
count, index = 0, 0 count, index = 0, 0
while index != -1: if retVal.count("%s") == len(params):
index = retVal.find("%s") while index != -1:
if index != -1: index = retVal.find("%s")
if count < len(params): if index != -1:
retVal = retVal[:index] + getUnicode(params[count]) + retVal[index + 2:] retVal = retVal[:index] + getUnicode(params[count]) + retVal[index + 2:]
count += 1
else:
count = 0
while True:
match = re.search(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", retVal)
if match:
if count > len(params):
raise Exception("wrong number of parameters during string formatting")
else:
retVal = re.sub(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", r"\g<1>%s\g<3>" % params[count], retVal, 1)
count += 1
else: else:
raise Exception("wrong number of parameters during string formatting") break
count += 1
return retVal return retVal
def getFilteredPageContent(page, onlyText=True): def getFilteredPageContent(page, onlyText=True):