sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-23 22:49:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

redos vuln patch (issue #5310)

Browse Source
This commit is contained in:
Somdev Sangwan 2023-02-08 16:37:44 +05:30 committed by GitHub
parent 4357b0087d
commit 19ca7c7e8e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/common.py
View File

@ -1822,7 +1822,7 @@ def expandAsteriskForColumns(expression):
the SQL query string (expression)
"""
match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+(([`'\"][^`'\"]+[`'\"]|[\w.]+)+)(\s|\Z)", expression)
match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+(([`'\"][^`'\"]+[`'\"])+|[\w.]+)(\s|\Z)", expression)
if match:
infoMsg = "you did not provide the fields in your query. "