From 48b627f3ff5fc364d2e49450f88e3c64ac6076a4 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 10 Jul 2015 00:54:02 +0200
Subject: [PATCH] Prevent double tests (e.g. in same final tests where suffix is cut by the comment)
---
 lib/controller/checks.py | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 3b1bc7f0d..6949d3746 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -90,6 +90,7 @@ def checkSqlInjection(place, parameter, value):
 paramType = conf.method if conf.method not in (None, HTTPMETHOD.GET, HTTPMETHOD.POST) else place
 tests = getSortedInjectionTests()
+ seenPayload = set()
 while tests:
 test = tests.pop(0)
@@ -390,6 +391,11 @@ def checkSqlInjection(place, parameter, value):
 boundPayload = agent.prefixQuery(fstPayload, prefix, where, clause)
 boundPayload = agent.suffixQuery(boundPayload, comment, suffix, where)
 reqPayload = agent.payload(place, parameter, newValue=boundPayload, where=where)
+ if reqPayload:
+ if reqPayload in seenPayload:
+ continue
+ else:
+ seenPayload.add(reqPayload)
 else:
 reqPayload = None
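Review bot: The `continue` added in the second hunk skips a request silently and keys the skip on `reqPayload` alone, while `seenPayload` is created once before `while tests:` in the first hunk and therefore spans every test run for this parameter. If two tests can build the same request string but evaluate the response differently (not visible here, since the response handling lies outside the hunk), the later one never runs and nothing records that it was skipped, which would reduce coverage without any trace in the output. A short comment such as `# identical final request already sent for this parameter (e.g. suffix cut by the comment) - skip` would state the intent at the check. The branch also reads flatter as `if reqPayload in seenPayload: continue` followed by `seenPayload.add(reqPayload)`, because the `else` after `continue` is redundant. The loop that the `continue` targets and the rest of checkSqlInjection start and end outside both hunks.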