From 5863429fc1211be6bf6a8e6648aeeab780de9563 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Sun, 23 Oct 2011 21:17:45 +0000
Subject: [PATCH] minor update

---
 lib/core/common.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/core/common.py b/lib/core/common.py
index 2dc7d4a00..ef2f13ce9 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -666,11 +666,11 @@ def paramToDict(place, parameters=None):
                 if condition:
                     testableParameters[parameter] = "=".join(elem[1:])
                     if testableParameters[parameter].strip(DUMMY_SQL_INJECTION_CHARS) != testableParameters[parameter]\
-                      or re.search(r'\A-[1-9]', testableParameters[parameter]):
+                      or re.search(r'(\A-[1-9])|(\A9{3,})', testableParameters[parameter]):
                         errMsg = "you have provided tainted parameter values "
                         errMsg += "(%s) with most probably leftover " % element
                         errMsg += "chars from manual sql injection "
-                        errMsg += "tests (%s) or negative numerical value. " % DUMMY_SQL_INJECTION_CHARS
+                        errMsg += "tests (%s) or non-valid numerical value. " % DUMMY_SQL_INJECTION_CHARS
                         errMsg += "Please, always use only valid parameter values "
                         errMsg += "so sqlmap could be able to do a valid run."
                         raise sqlmapSyntaxException, errMsg