From b51b80b174ae080c09d25add90d8b8310941d411 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sat, 8 Oct 2016 21:11:43 +0200 Subject: [PATCH] Fix for a privately reported bug --- lib/core/settings.py | 2 +- thirdparty/beautifulsoup/beautifulsoup.py | 40 +++++++++++++---------- txt/checksum.md5 | 4 +-- 3 files changed, 25 insertions(+), 21 deletions(-) diff --git a/lib/core/settings.py b/lib/core/settings.py index a20a0ef55..5c891bb73 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from lib.core.enums import OS from lib.core.revision import getRevisionNumber # sqlmap version (...) -VERSION = "1.0.10.19" +VERSION = "1.0.10.20" REVISION = getRevisionNumber() TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} diff --git a/thirdparty/beautifulsoup/beautifulsoup.py b/thirdparty/beautifulsoup/beautifulsoup.py index 69d3752c5..c088fb0b3 100644 --- a/thirdparty/beautifulsoup/beautifulsoup.py +++ b/thirdparty/beautifulsoup/beautifulsoup.py @@ -512,25 +512,29 @@ class Tag(PageElement): entities with the appropriate Unicode characters. If HTML entities are being converted, any unrecognized entities are escaped.""" - x = match.group(1) - if self.convertHTMLEntities and x in name2codepoint: - return unichr(name2codepoint[x]) - elif x in self.XML_ENTITIES_TO_SPECIAL_CHARS: - if self.convertXMLEntities: - return self.XML_ENTITIES_TO_SPECIAL_CHARS[x] - else: - return u'&%s;' % x - elif len(x) > 0 and x[0] == '#': - # Handle numeric entities - if len(x) > 1 and x[1] == 'x': - return unichr(int(x[2:], 16)) - else: - return unichr(int(x[1:])) + try: + x = match.group(1) + if self.convertHTMLEntities and x in name2codepoint: + return unichr(name2codepoint[x]) + elif x in self.XML_ENTITIES_TO_SPECIAL_CHARS: + if self.convertXMLEntities: + return self.XML_ENTITIES_TO_SPECIAL_CHARS[x] + else: + return u'&%s;' % x + elif len(x) > 0 and x[0] == '#': + # Handle numeric entities + if len(x) > 1 and x[1] == 'x': + return unichr(int(x[2:], 16)) + else: + return unichr(int(x[1:])) - elif self.escapeUnrecognizedEntities: - return u'&%s;' % x - else: - return u'&%s;' % x + elif self.escapeUnrecognizedEntities: + return u'&%s;' % x + + except ValueError: # e.g. ValueError: unichr() arg not in range(0x10000) + pass + + return u'&%s;' % x def __init__(self, parser, name, attrs=None, parent=None, previous=None): diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 455806193..9f0492cbd 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6 lib/core/readlineng.py 5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py 99a2b496b9d5b546b335653ca801153f lib/core/revision.py 7c15dd2777af4dac2c89cab6df17462e lib/core/session.py -77760b7e2abbd21cf6b95234d698078b lib/core/settings.py +2198a75694fe7bff1fe9dd0391f27358 lib/core/settings.py 7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py 23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py c3ace7874a536d801f308cf1fd03df99 lib/core/target.py @@ -276,7 +276,7 @@ a5f02f75856551499c0bf33672869a7f tamper/versionedkeywords.py 99a90d668f367f5660698c00e84ec671 tamper/xforwardedfor.py 368165b45dadcdff4422bc010700832a thirdparty/ansistrm/ansistrm.py d41d8cd98f00b204e9800998ecf8427e thirdparty/ansistrm/__init__.py -a53a7a876b401aaaa3535376676692ae thirdparty/beautifulsoup/beautifulsoup.py +8e775c25bc9e84891ad6fcb4f0005c23 thirdparty/beautifulsoup/beautifulsoup.py cb2e1fe7c404dff41a2ae9132828f532 thirdparty/beautifulsoup/__init__.py ff54a1d98f0ab01ba7b58b068d2ebd26 thirdparty/bottle/bottle.py 4528e6a7bb9341c36c425faf40ef32c3 thirdparty/bottle/__init__.py