From 2d801b712235ed046aa38786aad5f0596d9d568b Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Thu, 12 May 2016 17:16:55 +0200
Subject: [PATCH] Minor patch for an Issue #1861

---
 lib/core/common.py   | 19 ++++++++++---------
 lib/core/settings.py |  2 +-
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/lib/core/common.py b/lib/core/common.py
index 74c3c92c6..967c66365 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -601,15 +601,16 @@ def paramToDict(place, parameters=None):
                         logger.warn(warnMsg)
 
                 if place in (PLACE.POST, PLACE.GET):
-                    regex = r"\A([^\w]+.*\w+)([^\w]+)\Z"
-                    match = re.search(regex, testableParameters[parameter])
-                    if match:
-                        _ = re.sub(regex, "\g<1>%s\g<2>" % CUSTOM_INJECTION_MARK_CHAR, testableParameters[parameter])
-                        message = "it appears that provided value for %s parameter '%s' " % (place, parameter)
-                        message += "has boundaries. Do you want to inject inside? ('%s') [y/N] " % _
-                        test = readInput(message, default="N")
-                        if test[0] in ("y", "Y"):
-                            testableParameters[parameter] = re.sub(regex, "\g<1>%s\g<2>" % BOUNDED_INJECTION_MARKER, testableParameters[parameter])
+                    for regex in (r"\A((?:<[^>]+>)+\w+)((?:<[^>]+>)+)\Z", r"\A([^\w]+.*\w+)([^\w]+)\Z"):
+                        match = re.search(regex, testableParameters[parameter])
+                        if match:
+                            _ = re.sub(regex, "\g<1>%s\g<%d>" % (CUSTOM_INJECTION_MARK_CHAR, len(match.groups())), testableParameters[parameter])
+                            message = "it appears that provided value for %s parameter '%s' " % (place, parameter)
+                            message += "has boundaries. Do you want to inject inside? ('%s') [y/N] " % _
+                            test = readInput(message, default="N")
+                            if test[0] in ("y", "Y"):
+                                testableParameters[parameter] = re.sub(regex, "\g<1>%s\g<2>" % BOUNDED_INJECTION_MARKER, testableParameters[parameter])
+                            break
 
     if conf.testParameter and not testableParameters:
         paramStr = ", ".join(test for test in conf.testParameter)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index eac255fd6..256b2608d 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.5.21"
+VERSION = "1.0.5.22"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")