From cceb5319ef0e810c1982a9396d9281a22a9a3873 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 26 Oct 2021 10:05:14 +0200 Subject: [PATCH] Fixes #4869 --- lib/core/common.py | 13 +++++++++++++ lib/core/replication.py | 6 +++++- lib/core/settings.py | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index df31eb283..ae6b44619 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1431,6 +1431,19 @@ def cleanQuery(query): return retVal +def cleanReplaceUnicode(value): + """ + Cleans unicode for proper encode/decode + + >>> cleanReplaceUnicode(['a', 'b']) + ['a', 'b'] + """ + + def clean(value): + return value.encode(UNICODE_ENCODING, errors="replace").decode(UNICODE_ENCODING) if isinstance(value, six.text_type) else value + + return applyFunctionRecursively(value, clean) + def setPaths(rootPath): """ Sets absolute paths for project directories and files diff --git a/lib/core/replication.py b/lib/core/replication.py index 11889478a..9c4504e66 100644 --- a/lib/core/replication.py +++ b/lib/core/replication.py @@ -7,6 +7,7 @@ See the file 'LICENSE' for copying permission import sqlite3 +from lib.core.common import cleanReplaceUnicode from lib.core.common import getSafeExString from lib.core.common import unsafeSQLIdentificatorNaming from lib.core.exception import SqlmapConnectionException @@ -81,7 +82,10 @@ class Replication(object): def execute(self, sql, parameters=None): try: - self.parent.cursor.execute(sql, parameters or []) + try: + self.parent.cursor.execute(sql, parameters or []) + except UnicodeError: + self.parent.cursor.execute(sql, cleanReplaceUnicode(parameters or [])) except sqlite3.OperationalError as ex: errMsg = "problem occurred ('%s') while accessing sqlite database " % getSafeExString(ex, UNICODE_ENCODING) errMsg += "located at '%s'. Please make sure that " % self.parent.dbpath diff --git a/lib/core/settings.py b/lib/core/settings.py index 6ba9ac4e9..f028a2abb 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from thirdparty import six from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.5.10.17" +VERSION = "1.5.10.18" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)