mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 20:43:49 +03:00
More general approach for PostgreSQL concatenation operator precedence problem (Issue #219)
parent
afd82b92dd
commit
ba55bed008
|
@ -14,6 +14,11 @@ class Syntax(GenericSyntax):
|
|||
|
||||
@staticmethod
|
||||
def unescape(expression, quote=True):
|
||||
"""
|
||||
Note: PostgreSQL has a general problem with concenation operator (||) precedence (hence the parentheses enclosing)
|
||||
e.g. SELECT 1 WHERE 'a'!='a'||'b' will trigger error ("argument of WHERE must be type boolean, not type text")
|
||||
"""
|
||||
|
||||
if quote:
|
||||
while True:
|
||||
index = expression.find("'")
|
||||
|
@ -28,11 +33,11 @@ class Syntax(GenericSyntax):
|
|||
|
||||
lastIndex = firstIndex + index
|
||||
old = "'%s'" % expression[firstIndex:lastIndex]
|
||||
unescaped = "||".join("CHR(%d)" % (ord(expression[i])) for i in xrange(firstIndex, lastIndex)) # Postgres CHR() function already accepts Unicode code point of character(s)
|
||||
unescaped = "(%s)" % "||".join("CHR(%d)" % (ord(expression[i])) for i in xrange(firstIndex, lastIndex)) # Postgres CHR() function already accepts Unicode code point of character(s)
|
||||
|
||||
expression = expression.replace(old, unescaped)
|
||||
else:
|
||||
expression = "||".join("CHR(%d)" % ord(c) for c in expression)
|
||||
expression = "(%s)" % "||".join("CHR(%d)" % ord(c) for c in expression)
|
||||
|
||||
return expression
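Review bot: An empty input now produces `()` in both changed lines, which PostgreSQL does not accept as an expression. In the `else` branch an empty `expression` becomes `"()"` where it previously stayed `""`, and in the quoted branch an empty literal `''` would be replaced by `()`; the code between the two hunks is not visible, so an earlier guard may already cover the second case. Wrapping only when there is at least one character keeps the earlier result, e.g. `if expression:` before `expression = "(%s)" % "||".join("CHR(%d)" % ord(c) for c in expression)`, and a `lastIndex > firstIndex` check before building `unescaped`. The new docstring also misspells "concatenation" as "concenation" and does not say what the `quote` parameter selects.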
|
||||
|
||||
|
|
|
@ -256,7 +256,7 @@ class Databases:
|
|||
if condition:
|
||||
if conf.excludeSysDbs:
|
||||
query += " WHERE "
|
||||
query += " AND ".join("%s != ('%s')" % (condition, unsafeSQLIdentificatorNaming(db)) for db in self.excludeDbsList)
|
||||
query += " AND ".join("%s != '%s'" % (condition, unsafeSQLIdentificatorNaming(db)) for db in self.excludeDbsList)
|
||||
infoMsg = "skipping system database%s '%s'" % ("s" if len(self.excludeDbsList) > 1 else "", ", ".join(db for db in self.excludeDbsList))
|
||||
logger.info(infoMsg)
|
||||
elif not Backend.isDbms(DBMS.SQLITE):
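Review bot: Nothing at this call site records that the plain `'%s'` comparison is safe on PostgreSQL only because `Syntax.unescape` now parenthesises the `CHR()` chain it produces. A later change to that method could silently bring back the "argument of WHERE must be type boolean" error here. Assuming the variant without parentheses is the new side, a short comment above the `" AND ".join(...)` line would tie the two together, e.g. `# string literals are parenthesised by the DBMS-specific unescape() (Issue #219)`. The enclosing method starts and ends outside the hunk.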
|
||||
|
|