sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor update

Browse Source
This commit is contained in:
Miroslav Stampar 2011-10-23 21:17:45 +00:00
parent 4a469c3258
commit 5863429fc1
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/common.py
View File

@ -666,11 +666,11 @@ def paramToDict(place, parameters=None):
if condition:
testableParameters[parameter] = "=".join(elem[1:])
if testableParameters[parameter].strip(DUMMY_SQL_INJECTION_CHARS) != testableParameters[parameter]\
or re.search(r'\A-[1-9]', testableParameters[parameter]):
or re.search(r'(\A-[1-9])|(\A9{3,})', testableParameters[parameter]):
errMsg = "you have provided tainted parameter values "
errMsg += "(%s) with most probably leftover " % element
errMsg += "chars from manual sql injection "
errMsg += "tests (%s) or negative numerical value. " % DUMMY_SQL_INJECTION_CHARS
errMsg += "tests (%s) or non-valid numerical value. " % DUMMY_SQL_INJECTION_CHARS
errMsg += "Please, always use only valid parameter values "
errMsg += "so sqlmap could be able to do a valid run."
raise sqlmapSyntaxException, errMsg