Update regarding #3466

2025-04-17 07:32:03 +03:00 · 2019-02-04 15:49:13 +01:00 · 2019-02-04 15:49:13 +01:00 · bd74a201d5
commit bd74a201d5
parent 82aa481e06
4 changed files with 35 additions and 16 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -3535,6 +3535,32 @@ def intersect(containerA, containerB, lowerCase=False):

    return retVal

+def decodeStringEscape(value):
+    """
+    Decodes escaped string values (e.g. "\\t" -> "\t")
+    """
+
+    retVal = value
+
+    if value and '\\' in value:
+        if isinstance(value, unicode):
+            retVal = retVal.encode(UNICODE_ENCODING)
+
+        try:
+            retVal = codecs.escape_decode(retVal)[0]
+        except:
+            try:
+                retVal = retVal.decode("string_escape")
+            except:
+                charset = string.whitespace.replace(" ", "")
+                for _ in charset:
+                    retVal = retVal.replace(repr(_).strip("'"), _)
+
+        if isinstance(value, unicode):
+            retVal = getUnicode(retVal)
+
+    return retVal
+
 def removeReflectiveValues(content, payload, suppressWarning=False):
    """
    Neutralizes reflective values in a given content based on a payload
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -33,6 +33,7 @@ from lib.core.common import Backend
 from lib.core.common import boldifyMessage
 from lib.core.common import checkFile
 from lib.core.common import dataToStdout
+from lib.core.common import decodeStringEscape
 from lib.core.common import getPublicTypeMembers
 from lib.core.common import getSafeExString
 from lib.core.common import findLocalPort
@ -1500,11 +1501,8 @@ def _cleanupOptions():
    else:
        conf.rParam = []

-    if conf.paramDel and '\\' in conf.paramDel:
-        try:
-            conf.paramDel = conf.paramDel.decode("string_escape")
-        except ValueError:
-            pass
+    if conf.paramDel:
+        conf.paramDel = decodeStringEscape(conf.paramDel)

    if conf.skip:
        conf.skip = conf.skip.replace(" ", "")
@ -1616,7 +1614,7 @@ def _cleanupOptions():
        conf.code = int(conf.code)

    if conf.csvDel:
-        conf.csvDel = conf.csvDel.decode("string_escape")  # e.g. '\\t' -> '\t'
+        conf.csvDel = decodeStringEscape(conf.csvDel)

    if conf.torPort and isinstance(conf.torPort, basestring) and conf.torPort.isdigit():
        conf.torPort = int(conf.torPort)
@ -1629,12 +1627,7 @@ def _cleanupOptions():
        setPaths(paths.SQLMAP_ROOT_PATH)

    if conf.string:
-        try:
-            conf.string = conf.string.decode("unicode_escape")
-        except:
-            charset = string.whitespace.replace(" ", "")
-            for _ in charset:
-                conf.string = conf.string.replace(_.encode("string_escape"), _)
+        conf.string = decodeStringEscape(conf.string)

    if conf.getAll:
        map(lambda _: conf.__setitem__(_, True), WIZARD.ALL)
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.1.83"
+VERSION = "1.3.2.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -30,7 +30,7 @@ c1da277517c7ec4c23e953a51b51e203  lib/controller/handler.py
 fb6be55d21a70765e35549af2484f762  lib/controller/__init__.py
 ed7874be0d2d3802f3d20184f2b280d5  lib/core/agent.py
 a932126e7d80e545c5d44af178d0bc0c  lib/core/bigarray.py
-872f111e8283a4d36cd56f19d26cd13d  lib/core/common.py
+abbe98412255c4856ef30a15da8136a2  lib/core/common.py
 de8d27ae6241163ff9e97aa9e7c51a18  lib/core/convert.py
 abcb1121eb56d3401839d14e8ed06b6e  lib/core/data.py
 e1f7758f433202c50426efde5eb96768  lib/core/datatype.py
@ -43,14 +43,14 @@ e1f7758f433202c50426efde5eb96768  lib/core/datatype.py
 fb6be55d21a70765e35549af2484f762  lib/core/__init__.py
 18c896b157b03af716542e5fe9233ef9  lib/core/log.py
 fa9f24e88c81a6cef52da3dd5e637010  lib/core/optiondict.py
-b39587efbf4aef1283c0bbf1e723a8ab  lib/core/option.py
+9357506018d15f30cffb99a0005d7f1c  lib/core/option.py
 fe370021c6bc99daf44b2bfc0d1effb3  lib/core/patch.py
 4b12aa67fbf6c973d12e54cf9cb54ea0  lib/core/profiling.py
 5e2c16a8e2daee22dd545df13386e7a3  lib/core/readlineng.py
 7d8a22c582ad201f65b73225e4456170  lib/core/replication.py
 3179d34f371e0295dd4604568fb30bcd  lib/core/revision.py
 d6269c55789f78cf707e09a0f5b45443  lib/core/session.py
-0e382a4dfbcfa74d104d172f53beff98  lib/core/settings.py
+6b0f9c399579d0b7fdc90a4653d16424  lib/core/settings.py
 4483b4a5b601d8f1c4281071dff21ecc  lib/core/shell.py
 10fd19b0716ed261e6d04f311f6f527c  lib/core/subprocessng.py
 9c7b5c6397fb3da33e7a4d7876d159c6  lib/core/target.py