Proper (safe) showing of safe encoded data

2025-02-16 19:40:37 +03:00 · 2019-05-07 16:43:01 +02:00 · 2019-05-07 16:43:01 +02:00 · 4d028c7230
commit 4d028c7230
parent 2b57b4b54b
2 changed files with 13 additions and 8 deletions
--- a/lib/core/convert.py
+++ b/lib/core/convert.py
@ -103,7 +103,7 @@ def stdoutencode(data):

    if six.PY2:
        try:
-            retVal = getBytes(data or "", sys.stdout.encoding)
+            retVal = getBytes(data or "", sys.stdout.encoding, unsafe=False)

            # Reference: http://bugs.python.org/issue1602
            if IS_WIN:
@ -118,7 +118,7 @@ def stdoutencode(data):
                    singleTimeWarnMessage(warnMsg)

        except:
-            retVal = getBytes(data or "")
+            retVal = getBytes(data or "", unsafe=False)

    return retVal

@ -224,7 +224,7 @@ def encodeBase64(value, binary=True):

    return retVal

-def getBytes(value, encoding=UNICODE_ENCODING, errors="strict"):
+def getBytes(value, encoding=UNICODE_ENCODING, errors="strict", unsafe=True):
    """
    Returns byte representation of provided Unicode value

@ -236,14 +236,19 @@ def getBytes(value, encoding=UNICODE_ENCODING, errors="strict"):

    if isinstance(value, six.text_type):
        if INVALID_UNICODE_PRIVATE_AREA:
-            for char in xrange(0xF0000, 0xF00FF + 1):
-                value = value.replace(six.unichr(char), "%s%02x" % (SAFE_HEX_MARKER, char - 0xF0000))
+            if unsafe:
+                for char in xrange(0xF0000, 0xF00FF + 1):
+                    value = value.replace(six.unichr(char), "%s%02x" % (SAFE_HEX_MARKER, char - 0xF0000))

            retVal = value.encode(encoding, errors)
-            retVal = re.sub(r"%s([0-9a-f]{2})" % SAFE_HEX_MARKER, lambda _: decodeHex(_.group(1)), retVal)
+
+            if unsafe:
+                retVal = re.sub(r"%s([0-9a-f]{2})" % SAFE_HEX_MARKER, lambda _: decodeHex(_.group(1)), retVal)
        else:
            retVal = value.encode(encoding, errors)
-            retVal = re.sub(b"\\\\x([0-9a-f]{2})", lambda _: decodeHex(_.group(1)), retVal)
+
+            if unsafe:
+                retVal = re.sub(b"\\\\x([0-9a-f]{2})", lambda _: decodeHex(_.group(1)), retVal)

    return retVal

--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty import six

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.5.40"
+VERSION = "1.3.5.41"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)