diff --git a/lib/core/common.py b/lib/core/common.py index bb1c635c9..bb749e7af 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2151,14 +2151,20 @@ def shellExec(cmd): """ Executes arbitrary shell command - >>> shellExec('echo 1').strip() == b'1' + >>> shellExec('echo 1').strip() == '1' True """ + retVal = "" + try: - return subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT).communicate()[0] or "" + retVal = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT).communicate()[0] or "" except Exception as ex: - return six.text_type(ex) + retVal = getSafeExString(ex) + finally: + retVal = getText(retVal) + + return retVal def clearConsoleLine(forceOutput=False): """ diff --git a/lib/core/revision.py b/lib/core/revision.py index 277d1f5f6..063761875 100644 --- a/lib/core/revision.py +++ b/lib/core/revision.py @@ -9,6 +9,8 @@ import os import re import subprocess +from lib.core.common import getText + def getRevisionNumber(): """ Returns abbreviated commit hash number as retrieved with "git rev-parse --short HEAD" @@ -50,7 +52,7 @@ def getRevisionNumber(): try: process = subprocess.Popen("git rev-parse --verify HEAD", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) stdout, _ = process.communicate() - match = re.search(r"(?i)[0-9a-f]{32}", stdout or "") + match = re.search(r"(?i)[0-9a-f]{32}", getText(stdout or "")) retVal = match.group(0) if match else None except: pass diff --git a/lib/core/settings.py b/lib/core/settings.py index 24755dd33..77af8c08d 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty import six # sqlmap version (...) -VERSION = "1.3.5.80" +VERSION = "1.3.5.81" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/core/testing.py b/lib/core/testing.py index 24d34ab1a..fd7e9ba06 100644 --- a/lib/core/testing.py +++ b/lib/core/testing.py @@ -80,7 +80,6 @@ def vulnTest(): ): cmd = "%s %s -u http://%s:%d/?id=1 --batch %s" % (sys.executable, os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py"), address, port, options) output = shellExec(cmd) - output = getUnicode(output) if not all(check in output for check in checks): dataToStdout("---\n\n$ %s\n" % cmd) diff --git a/lib/core/update.py b/lib/core/update.py index 39b221e14..8cbaf37d6 100644 --- a/lib/core/update.py +++ b/lib/core/update.py @@ -17,6 +17,7 @@ import zipfile from lib.core.common import dataToStdout from lib.core.common import getSafeExString from lib.core.common import getLatestRevision +from lib.core.common import getText from lib.core.common import pollProcess from lib.core.common import readInput from lib.core.data import conf @@ -106,23 +107,25 @@ def update(): dataToStdout("\r[%s] [INFO] update in progress" % time.strftime("%X")) try: - process = subprocess.Popen("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=paths.SQLMAP_ROOT_PATH.encode(sys.getfilesystemencoding() or UNICODE_ENCODING)) + process = subprocess.Popen("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, cwd=paths.SQLMAP_ROOT_PATH.encode(sys.getfilesystemencoding() or UNICODE_ENCODING)) pollProcess(process, True) - stdout, stderr = process.communicate() + output, _ = process.communicate() success = not process.returncode except (IOError, OSError) as ex: success = False - stderr = getSafeExString(ex) + output = getSafeExString(ex) + finally: + output = getText(output) if success: - logger.info("%s the latest revision '%s'" % ("already at" if "Already" in stdout else "updated to", getRevisionNumber())) + logger.info("%s the latest revision '%s'" % ("already at" if "Already" in output else "updated to", getRevisionNumber())) else: - if "Not a git repository" in stderr: + if "Not a git repository" in output: errMsg = "not a valid git repository. Please checkout the 'sqlmapproject/sqlmap' repository " errMsg += "from GitHub (e.g. 'git clone --depth 1 %s sqlmap')" % GIT_REPOSITORY logger.error(errMsg) else: - logger.error("update could not be completed ('%s')" % re.sub(r"\W+", " ", stderr).strip()) + logger.error("update could not be completed ('%s')" % re.sub(r"\W+", " ", output).strip()) if not success: if IS_WIN: