mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 05:31:04 +03:00 
			
		
		
		
	Fixes #2911
This commit is contained in:
		
							parent
							
								
									ef8b2d793f
								
							
						
					
					
						commit
						62fc2e1e17
					
				|  | @ -46,6 +46,7 @@ from lib.core.settings import METADB_SUFFIX | ||||||
| from lib.core.settings import MIN_BINARY_DISK_DUMP_SIZE | from lib.core.settings import MIN_BINARY_DISK_DUMP_SIZE | ||||||
| from lib.core.settings import TRIM_STDOUT_DUMP_SIZE | from lib.core.settings import TRIM_STDOUT_DUMP_SIZE | ||||||
| from lib.core.settings import UNICODE_ENCODING | from lib.core.settings import UNICODE_ENCODING | ||||||
|  | from lib.core.settings import UNSAFE_DUMP_FILEPATH_REPLACEMENT | ||||||
| from lib.core.settings import WINDOWS_RESERVED_NAMES | from lib.core.settings import WINDOWS_RESERVED_NAMES | ||||||
| from thirdparty.magic import magic | from thirdparty.magic import magic | ||||||
| 
 | 
 | ||||||
|  | @ -418,7 +419,7 @@ class Dump(object): | ||||||
|                 except: |                 except: | ||||||
|                     warnFile = True |                     warnFile = True | ||||||
| 
 | 
 | ||||||
|                     _ = unicodeencode(re.sub(r"[^\w]", "_", unsafeSQLIdentificatorNaming(db))) |                     _ = unicodeencode(re.sub(r"[^\w]", UNSAFE_DUMP_FILEPATH_REPLACEMENT, unsafeSQLIdentificatorNaming(db))) | ||||||
|                     dumpDbPath = os.path.join(conf.dumpPath, "%s-%s" % (_, hashlib.md5(unicodeencode(db)).hexdigest()[:8])) |                     dumpDbPath = os.path.join(conf.dumpPath, "%s-%s" % (_, hashlib.md5(unicodeencode(db)).hexdigest()[:8])) | ||||||
| 
 | 
 | ||||||
|                     if not os.path.isdir(dumpDbPath): |                     if not os.path.isdir(dumpDbPath): | ||||||
|  | @ -441,7 +442,7 @@ class Dump(object): | ||||||
| 
 | 
 | ||||||
|                             dumpDbPath = tempDir |                             dumpDbPath = tempDir | ||||||
| 
 | 
 | ||||||
|             dumpFileName = os.path.join(dumpDbPath, "%s.%s" % (unsafeSQLIdentificatorNaming(table), conf.dumpFormat.lower())) |             dumpFileName = os.path.join(dumpDbPath, re.sub(r'[\\/]', UNSAFE_DUMP_FILEPATH_REPLACEMENT, "%s.%s" % (unsafeSQLIdentificatorNaming(table), conf.dumpFormat.lower()))) | ||||||
|             if not checkFile(dumpFileName, False): |             if not checkFile(dumpFileName, False): | ||||||
|                 try: |                 try: | ||||||
|                     openFile(dumpFileName, "w+b").close() |                     openFile(dumpFileName, "w+b").close() | ||||||
|  | @ -450,9 +451,9 @@ class Dump(object): | ||||||
|                 except: |                 except: | ||||||
|                     warnFile = True |                     warnFile = True | ||||||
| 
 | 
 | ||||||
|                     _ = re.sub(r"[^\w]", "_", normalizeUnicode(unsafeSQLIdentificatorNaming(table))) |                     _ = re.sub(r"[^\w]", UNSAFE_DUMP_FILEPATH_REPLACEMENT, normalizeUnicode(unsafeSQLIdentificatorNaming(table))) | ||||||
|                     if len(_) < len(table) or IS_WIN and table.upper() in WINDOWS_RESERVED_NAMES: |                     if len(_) < len(table) or IS_WIN and table.upper() in WINDOWS_RESERVED_NAMES: | ||||||
|                         _ = unicodeencode(re.sub(r"[^\w]", "_", unsafeSQLIdentificatorNaming(table))) |                         _ = unicodeencode(re.sub(r"[^\w]", UNSAFE_DUMP_FILEPATH_REPLACEMENT, unsafeSQLIdentificatorNaming(table))) | ||||||
|                         dumpFileName = os.path.join(dumpDbPath, "%s-%s.%s" % (_, hashlib.md5(unicodeencode(table)).hexdigest()[:8], conf.dumpFormat.lower())) |                         dumpFileName = os.path.join(dumpDbPath, "%s-%s.%s" % (_, hashlib.md5(unicodeencode(table)).hexdigest()[:8], conf.dumpFormat.lower())) | ||||||
|                     else: |                     else: | ||||||
|                         dumpFileName = os.path.join(dumpDbPath, "%s.%s" % (_, conf.dumpFormat.lower())) |                         dumpFileName = os.path.join(dumpDbPath, "%s.%s" % (_, conf.dumpFormat.lower())) | ||||||
|  | @ -613,7 +614,7 @@ class Dump(object): | ||||||
|                                 if not os.path.isdir(dumpDbPath): |                                 if not os.path.isdir(dumpDbPath): | ||||||
|                                     os.makedirs(dumpDbPath, 0755) |                                     os.makedirs(dumpDbPath, 0755) | ||||||
| 
 | 
 | ||||||
|                                 _ = re.sub(r"[^\w]", "_", normalizeUnicode(unsafeSQLIdentificatorNaming(column))) |                                 _ = re.sub(r"[^\w]", UNSAFE_DUMP_FILEPATH_REPLACEMENT, normalizeUnicode(unsafeSQLIdentificatorNaming(column))) | ||||||
|                                 filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (_, randomInt(8))) |                                 filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (_, randomInt(8))) | ||||||
|                                 warnMsg = "writing binary ('%s') content to file '%s' " % (mimetype, filepath) |                                 warnMsg = "writing binary ('%s') content to file '%s' " % (mimetype, filepath) | ||||||
|                                 logger.warn(warnMsg) |                                 logger.warn(warnMsg) | ||||||
|  |  | ||||||
|  | @ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME | ||||||
| from lib.core.enums import OS | from lib.core.enums import OS | ||||||
| 
 | 
 | ||||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||||
| VERSION = "1.2.2.1" | VERSION = "1.2.2.2" | ||||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||||
| VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | ||||||
|  | @ -424,6 +424,9 @@ HASH_MOD_ITEM_DISPLAY = 11 | ||||||
| # Maximum integer value | # Maximum integer value | ||||||
| MAX_INT = sys.maxint | MAX_INT = sys.maxint | ||||||
| 
 | 
 | ||||||
|  | # Replacement for unsafe characters in dump table filenames | ||||||
|  | UNSAFE_DUMP_FILEPATH_REPLACEMENT = '_' | ||||||
|  | 
 | ||||||
| # Options that need to be restored in multiple targets run mode | # Options that need to be restored in multiple targets run mode | ||||||
| RESTORE_MERGED_OPTIONS = ("col", "db", "dnsDomain", "privEsc", "tbl", "regexp", "string", "textOnly", "threads", "timeSec", "tmpPath", "uChar", "user") | RESTORE_MERGED_OPTIONS = ("col", "db", "dnsDomain", "privEsc", "tbl", "regexp", "string", "textOnly", "threads", "timeSec", "tmpPath", "uChar", "user") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -34,7 +34,7 @@ e3a3f5218b2e52dd0afafdfc9fed2002  lib/core/agent.py | ||||||
| 12e80071013606f01822c3823fb51054  lib/core/decorators.py | 12e80071013606f01822c3823fb51054  lib/core/decorators.py | ||||||
| 9458679feb9184f3fb1611daf1ebef63  lib/core/defaults.py | 9458679feb9184f3fb1611daf1ebef63  lib/core/defaults.py | ||||||
| a8bea09096a42a9a7feeb9d4d118ae66  lib/core/dicts.py | a8bea09096a42a9a7feeb9d4d118ae66  lib/core/dicts.py | ||||||
| 1a94690d60ed792ce441b6f2f4dbbef8  lib/core/dump.py | 0d742fbf72bca25a3e82640616c30c9a  lib/core/dump.py | ||||||
| c8551f7696a76450e6d139409e4f06cd  lib/core/enums.py | c8551f7696a76450e6d139409e4f06cd  lib/core/enums.py | ||||||
| cada93357a7321655927fc9625b3bfec  lib/core/exception.py | cada93357a7321655927fc9625b3bfec  lib/core/exception.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  lib/core/__init__.py | 1e5532ede194ac9c083891c2f02bca93  lib/core/__init__.py | ||||||
|  | @ -46,7 +46,7 @@ ffa5f01f39b17c8d73423acca6cfe86a  lib/core/readlineng.py | ||||||
| 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | ||||||
| a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | ||||||
| fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | ||||||
| 67ea2aee17da22379743e5dc18159f3f  lib/core/settings.py | e4a29b441ac8137ce22d7113dd2b72c5  lib/core/settings.py | ||||||
| d0adc28a38e43a787df4471f7f027413  lib/core/shell.py | d0adc28a38e43a787df4471f7f027413  lib/core/shell.py | ||||||
| 63491be462c515a1a3880c27c2acc4a2  lib/core/subprocessng.py | 63491be462c515a1a3880c27c2acc4a2  lib/core/subprocessng.py | ||||||
| 505aaa61e1bba3c3d4567c3e667699e3  lib/core/target.py | 505aaa61e1bba3c3d4567c3e667699e3  lib/core/target.py | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user