mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-07-30 01:50:01 +03:00
Fix misuse of flags in re.sub() calls
The 4th argument of re.sub() is maximum number of substitutions, not flags.
This commit is contained in:
parent
6b48f6ec26
commit
bfe5d11452
|
@ -310,8 +310,8 @@ class Connect(object):
|
|||
|
||||
elif target:
|
||||
if conf.forceSSL and urlparse.urlparse(url).scheme != "https":
|
||||
url = re.sub("\Ahttp:", "https:", url, re.I)
|
||||
url = re.sub(":80/", ":443/", url, re.I)
|
||||
url = re.compile("\Ahttp:", re.I).sub("https:", url)
|
||||
url = re.sub(":80/", ":443/", url)
|
||||
|
||||
if PLACE.GET in conf.parameters and not get:
|
||||
get = conf.parameters[PLACE.GET]
|
||||
|
|
|
@ -226,7 +226,7 @@ def unionUse(expression, unpack=True, dump=False):
|
|||
|
||||
if expressionFieldsList and len(expressionFieldsList) > 1 and "ORDER BY" in expression.upper():
|
||||
# Removed ORDER BY clause because UNION does not play well with it
|
||||
expression = re.sub("\s*ORDER BY\s+[\w,]+", "", expression, re.I)
|
||||
expression = re.compile("\s*ORDER BY\s+[\w,]+", re.I).sub("", expression)
|
||||
debugMsg = "stripping ORDER BY clause from statement because "
|
||||
debugMsg += "it does not play well with UNION query SQL injection"
|
||||
singleTimeDebugMessage(debugMsg)
|
||||
|
|
Loading…
Reference in New Issue
Block a user