Some more trivial refactoring

lib/core/agent.py

@@ -39,6 +39,7 @@ from lib.core.settings import BOUNDED_INJECTION_MARKER
 from lib.core.settings import DEFAULT_COOKIE_DELIMITER
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
 from lib.core.settings import GENERIC_SQL_COMMENT
+from lib.core.settings import INFERENCE_MARKER
 from lib.core.settings import NULL
 from lib.core.settings import PAYLOAD_DELIMITER
 from lib.core.settings import REPLACEMENT_MARKER
@@ -319,7 +320,7 @@ class Agent(object):
             origValue = getUnicode(origValue)
             payload = getUnicode(payload).replace("[ORIGVALUE]", origValue if origValue.isdigit() else unescaper.escape("'%s'" % origValue))
 
-        if "[INFERENCE]" in payload:
+        if INFERENCE_MARKER in payload:
             if Backend.getIdentifiedDbms() is not None:
                 inference = queries[Backend.getIdentifiedDbms()].inference
 
@@ -331,7 +332,7 @@ class Agent(object):
                 else:
                     inferenceQuery = inference.query
 
-                payload = payload.replace("[INFERENCE]", inferenceQuery)
+                payload = payload.replace(INFERENCE_MARKER, inferenceQuery)
             elif not kb.testMode:
                 errMsg = "invalid usage of inference payload without "
                 errMsg += "knowledge of underlying DBMS"

lib/core/bigarray.py

@@ -27,10 +27,12 @@ def _size_of(object_):
     """
 
     retval = sys.getsizeof(object_, DEFAULT_SIZE_OF)
+
     if isinstance(object_, dict):
         retval += sum(_size_of(_) for _ in itertools.chain.from_iterable(object_.items()))
     elif hasattr(object_, "__iter__"):
         retval += sum(_size_of(_) for _ in object_)
+
     return retval
 
 class Cache(object):
@@ -58,11 +60,13 @@ class BigArray(list):
 
     def append(self, value):
         self.chunks[-1].append(value)
+
         if self.chunk_length == sys.maxint:
             self._size_counter += _size_of(value)
             if self._size_counter >= BIGARRAY_CHUNK_SIZE:
                 self.chunk_length = len(self.chunks[-1])
                 self._size_counter = None
+
         if len(self.chunks[-1]) >= self.chunk_length:
             filename = self._dump(self.chunks[-1])
             self.chunks[-1] = filename
@@ -82,12 +86,14 @@ class BigArray(list):
                 errMsg = "exception occurred while retrieving data "
                 errMsg += "from a temporary file ('%s')" % ex.message
                 raise SqlmapSystemException, errMsg
+
         return self.chunks[-1].pop()
 
     def index(self, value):
         for index in xrange(len(self)):
             if self[index] == value:
                 return index
+
         return ValueError, "%s is not in list" % value
 
     def _dump(self, chunk):
@@ -110,6 +116,7 @@ class BigArray(list):
         if (self.cache and self.cache.index != index and self.cache.dirty):
             filename = self._dump(self.cache.data)
             self.chunks[self.cache.index] = filename
+
         if not (self.cache and self.cache.index == index):
             try:
                 with open(self.chunks[index], "rb") as fp:
@@ -128,18 +135,23 @@ class BigArray(list):
 
     def __getslice__(self, i, j):
         retval = BigArray()
+
         i = max(0, len(self) + i if i < 0 else i)
         j = min(len(self), len(self) + j if j < 0 else j)
+
         for _ in xrange(i, j):
             retval.append(self[_])
+
         return retval
 
     def __getitem__(self, y):
         if y < 0:
             y += len(self)
+
         index = y / self.chunk_length
         offset = y % self.chunk_length
         chunk = self.chunks[index]
+
         if isinstance(chunk, list):
             return chunk[offset]
         else:
@@ -150,6 +162,7 @@ class BigArray(list):
         index = y / self.chunk_length
         offset = y % self.chunk_length
         chunk = self.chunks[index]
+
         if isinstance(chunk, list):
             chunk[offset] = value
         else:

lib/core/convert.py

@@ -166,7 +166,7 @@ def htmlunescape(value):
 
     retVal = value
     if value and isinstance(value, basestring):
-        codes = (('&lt;', '<'), ('&gt;', '>'), ('&quot;', '"'), ('&nbsp;', ' '), ('&amp;', '&'))
+        codes = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
         retVal = reduce(lambda x, y: x.replace(y[0], y[1]), codes, retVal)
         try:
             retVal = re.sub(r"&#x([^ ;]+);", lambda match: unichr(int(match.group(1), 16)), retVal)

lib/request/inject.py

@@ -43,6 +43,7 @@ from lib.core.exception import SqlmapDataException
 from lib.core.exception import SqlmapNotVulnerableException
 from lib.core.exception import SqlmapUserQuitException
 from lib.core.settings import GET_VALUE_UPPERCASE_KEYWORDS
+from lib.core.settings import INFERENCE_MARKER
 from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
 from lib.core.settings import SQL_SCALAR_REGEX
 from lib.core.threads import getCurrentThreadData
@@ -304,7 +305,7 @@ def _goBooleanProxy(expression):
             return output
 
     vector = kb.injection.data[kb.technique].vector
-    vector = vector.replace("[INFERENCE]", expression)
+    vector = vector.replace(INFERENCE_MARKER, expression)
     query = agent.prefixQuery(vector)
     query = agent.suffixQuery(query)
     payload = agent.payload(newValue=query)