From 51a77d1fe262ab33ccfeb8d1f6ffde7b12fcd0b6 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 17 Jan 2013 11:37:45 +0100 Subject: [PATCH] Minor update for an Issue #8 --- lib/core/dump.py | 3 ++- lib/core/settings.py | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/core/dump.py b/lib/core/dump.py index aedb3e9f4..ee5c3ce05 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -33,6 +33,7 @@ from lib.core.exception import SqlmapValueException from lib.core.replication import Replication from lib.core.settings import HTML_DUMP_CSS_STYLE from lib.core.settings import METADB_SUFFIX +from lib.core.settings import MIN_BINARY_DISK_DUMP_SIZE from lib.core.settings import TRIM_STDOUT_DUMP_SIZE from lib.core.settings import UNICODE_ENCODING from thirdparty.magic import magic @@ -479,7 +480,7 @@ class Dump(object): blank = " " * (maxlength - len(value)) self._write("| %s%s" % (value, blank), newline=False, console=console) - if len(value) > 10 and r'\x' in value: + if len(value) > MIN_BINARY_DISK_DUMP_SIZE and r'\x' in value: mimetype = magic.from_buffer(value, mime=True) if any(mimetype.startswith(_) for _ in ("application", "image")): filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (column, randomInt(8))) diff --git a/lib/core/settings.py b/lib/core/settings.py index 150872383..e6c075e6e 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -500,6 +500,9 @@ DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded" # Length used while checking for existence of Suhosin-patch (like) protection mechanism SUHOSIN_MAX_VALUE_LENGTH = 512 +# Minimum size of an (binary) entry before it can be considered for dumping to disk +MIN_BINARY_DISK_DUMP_SIZE = 100 + # Regular expression used for extracting form tags FORM_SEARCH_REGEX = r"(?si)"