From eb989469f39e29c1473bccada7db3764d8c7b638 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 12 Jan 2016 10:27:04 +0100 Subject: [PATCH] Minor just in case update --- lib/controller/checks.py | 2 +- lib/core/common.py | 10 +++++----- lib/core/option.py | 14 +++++++------- lib/core/target.py | 3 ++- lib/core/wordlist.py | 5 +++-- lib/utils/hashdb.py | 4 ++-- 6 files changed, 20 insertions(+), 18 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 5546b73b4..abcb903e6 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -1243,7 +1243,7 @@ def identifyWaf(): found = function(_) except Exception, ex: errMsg = "exception occurred while running " - errMsg += "WAF script for '%s' ('%s')" % (product, ex) + errMsg += "WAF script for '%s' ('%s')" % (product, getSafeExString(ex)) logger.critical(errMsg) found = False diff --git a/lib/core/common.py b/lib/core/common.py index 8cf95a16a..d351fd5e8 100755 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -853,7 +853,7 @@ def dataToTrafficFile(data): conf.trafficFP.flush() except IOError, ex: errMsg = "something went wrong while trying " - errMsg += "to write to the traffic file '%s' ('%s')" % (conf.trafficFile, ex) + errMsg += "to write to the traffic file '%s' ('%s')" % (conf.trafficFile, getSafeExString(ex)) raise SqlmapSystemException(errMsg) def dataToDumpFile(dumpFile, data): @@ -1276,7 +1276,7 @@ def parseTargetUrl(): try: urlSplit = urlparse.urlsplit(conf.url) except ValueError, ex: - errMsg = "invalid URL '%s' has been given ('%s'). " % (conf.url, ex) + errMsg = "invalid URL '%s' has been given ('%s'). " % (conf.url, getSafeExString(ex)) errMsg += "Please be sure that you don't have any leftover characters (e.g. '[' or ']') " errMsg += "in the hostname part" raise SqlmapGenericException(errMsg) 
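Review bot: `getSafeExString` is now called inside the `except Exception, ex:` handler of identifyWaf, but the lib/controller/checks.py section has no import hunk, whereas lib/core/target.py and lib/core/wordlist.py each gain `from lib.core.common import getSafeExString` in this commit. If the name is not already imported in this file (the import block is outside the hunk), building the message would raise NameError inside the handler and hide the original WAF-script failure. The same applies to the seven call sites in lib/core/option.py, which are also changed without an import hunk. Please confirm both files already import it, or add that line. identifyWaf's body starts and ends outside the hunk.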
@@ -1824,7 +1824,7 @@ def parseXmlFile(xmlFile, handler): parse(stream, handler) except (SAXParseException, UnicodeError), ex: errMsg = "something seems to be wrong with " - errMsg += "the file '%s' ('%s'). Please make " % (xmlFile, ex) + errMsg += "the file '%s' ('%s'). Please make " % (xmlFile, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg @@ -1885,7 +1885,7 @@ def readCachedFileContent(filename, mode='rb'): kb.cache.content[filename] = f.read() except (IOError, OSError, MemoryError), ex: errMsg = "something went wrong while trying " - errMsg += "to read the content of file '%s' ('%s')" % (filename, ex) + errMsg += "to read the content of file '%s' ('%s')" % (filename, getSafeExString(ex)) raise SqlmapSystemException(errMsg) return kb.cache.content[filename] @@ -2004,7 +2004,7 @@ def getFileItems(filename, commentPrefix='#', unicode_=True, lowercase=False, un retVal.append(line) except (IOError, OSError, MemoryError), ex: errMsg = "something went wrong while trying " - errMsg += "to read the content of file '%s' ('%s')" % (filename, ex) + errMsg += "to read the content of file '%s' ('%s')" % (filename, getSafeExString(ex)) raise SqlmapSystemException(errMsg) return retVal if not unique else retVal.keys() diff --git a/lib/core/option.py b/lib/core/option.py index a412f20d1..eb5688585 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -341,7 +341,7 @@ def _feedTargetsDict(reqFile, addedTargetUrls): content = f.read() except (IOError, OSError, MemoryError), ex: errMsg = "something went wrong while trying " - errMsg += "to read the content of file '%s' ('%s')" % (reqFile, ex) + errMsg += "to read the content of file '%s' ('%s')" % (reqFile, getSafeExString(ex)) raise SqlmapSystemException(errMsg) if conf.scope: 
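Review bot: The handler in parseXmlFile also catches SAXParseException, whose `str()` form normally includes the file position (system id, line and column). getSafeExString's body is not part of this diff, so if it returns the exception's message attribute rather than `str(ex)`, that position would no longer reach the user. A damaged or tampered XML file would then be harder to locate from the error alone. I would check the output against a deliberately malformed file, and if the position is lost, document it above the format line with `# NOTE: getSafeExString() may drop the line/column that str(SAXParseException) includes`. parseXmlFile starts outside the hunk.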
@@ -386,7 +386,7 @@ def _loadQueries(): tree.parse(paths.QUERIES_XML) except Exception, ex: errMsg = "something seems to be wrong with " - errMsg += "the file '%s' ('%s'). Please make " % (paths.QUERIES_XML, ex) + errMsg += "the file '%s' ('%s'). Please make " % (paths.QUERIES_XML, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg @@ -501,7 +501,7 @@ def _setCrawler(): status = "%d/%d links visited (%d%%)" % (i + 1, len(targets), round(100.0 * (i + 1) / len(targets))) dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status), True) except Exception, ex: - errMsg = "problem occurred while crawling at '%s' ('%s')" % (target, ex) + errMsg = "problem occurred while crawling at '%s' ('%s')" % (target, getSafeExString(ex)) logger.error(errMsg) def _doSearch(): @@ -1098,7 +1098,7 @@ def _setHTTPHandlers(): try: _ = urlparse.urlsplit(conf.proxy) except Exception, ex: - errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, ex) + errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, getSafeExString(ex)) raise SqlmapSyntaxException, errMsg hostnamePort = _.netloc.split(":") @@ -2059,7 +2059,7 @@ def _saveConfig(): config.write(confFP) except IOError, ex: errMsg = "something went wrong while trying " - errMsg += "to write to the configuration file '%s' ('%s')" % (conf.saveConfig, ex) + errMsg += "to write to the configuration file '%s' ('%s')" % (conf.saveConfig, getSafeExString(ex)) raise SqlmapSystemException(errMsg) infoMsg = "saved command line options to the configuration file '%s'" % conf.saveConfig 
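Review bot: The handler in _loadQueries still ends with the statement form `raise SqlmapInstallationException, errMsg`, while other handlers touched by this commit in the same file (_feedTargetsDict, _saveConfig) use the call form `raise SqlmapSystemException(errMsg)`. Both behave the same under Python 2, but the mix makes otherwise identical handlers read differently, and the call form is the only one that is valid in Python 3. I would write `raise SqlmapInstallationException(errMsg)` here. The same applies to parseXmlFile, _setHTTPHandlers, both Wordlist handlers and the `sqlite3.DatabaseError` handler in HashDB. _loadQueries starts and ends outside the hunk.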
@@ -2368,14 +2368,14 @@ def _basicOptionValidation(): try: re.compile(conf.regexp) except re.error, ex: - errMsg = "invalid regular expression '%s' ('%s')" % (conf.regexp, ex) + errMsg = "invalid regular expression '%s' ('%s')" % (conf.regexp, getSafeExString(ex)) raise SqlmapSyntaxException(errMsg) if conf.crawlExclude: try: re.compile(conf.crawlExclude) except re.error, ex: - errMsg = "invalid regular expression '%s' ('%s')" % (conf.crawlExclude, ex) + errMsg = "invalid regular expression '%s' ('%s')" % (conf.crawlExclude, getSafeExString(ex)) raise SqlmapSyntaxException(errMsg) if conf.dumpTable and conf.dumpAll: diff --git a/lib/core/target.py b/lib/core/target.py index 487b08351..535d477ff 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -14,6 +14,7 @@ import time import urlparse from lib.core.common import Backend +from lib.core.common import getSafeExString from lib.core.common import getUnicode from lib.core.common import hashDBRetrieve from lib.core.common import intersect @@ -658,7 +659,7 @@ def _createTargetDirs(): errMsg = "you don't have enough permissions " else: errMsg = "something went wrong while trying " - errMsg += "to write to the output directory '%s' (%s)" % (paths.SQLMAP_OUTPUT_PATH, ex) + errMsg += "to write to the output directory '%s' (%s)" % (paths.SQLMAP_OUTPUT_PATH, getSafeExString(ex)) raise SqlmapMissingPrivileges(errMsg) diff --git a/lib/core/wordlist.py b/lib/core/wordlist.py index 06faba0ad..13e763b17 100644 --- a/lib/core/wordlist.py +++ b/lib/core/wordlist.py @@ -8,6 +8,7 @@ See the file 'doc/COPYING' for copying permission import os import zipfile +from lib.core.common import getSafeExString from lib.core.exception import SqlmapDataException from lib.core.exception import SqlmapInstallationException from lib.core.settings import UNICODE_ENCODING 
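Review bot: The format string in _createTargetDirs renders the exception as `(%s)`, without the single quotes used by every other message changed in this commit (`('%s')`). Since the line is being edited anyway, I would align it: `errMsg += "to write to the output directory '%s' ('%s')" % (paths.SQLMAP_OUTPUT_PATH, getSafeExString(ex))`. A uniform shape helps anyone grepping or parsing logged errors for the quoted cause. The function starts outside the hunk.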
@@ -45,7 +46,7 @@ class Wordlist(object): _ = zipfile.ZipFile(self.current, 'r') except zipfile.error, ex: errMsg = "something seems to be wrong with " - errMsg += "the file '%s' ('%s'). Please make " % (self.current, ex) + errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg if len(_.namelist()) == 0: @@ -71,7 +72,7 @@ class Wordlist(object): retVal = self.iter.next().rstrip() except zipfile.error, ex: errMsg = "something seems to be wrong with " - errMsg += "the file '%s' ('%s'). Please make " % (self.current, ex) + errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex)) errMsg += "sure that you haven't made any changes to it" raise SqlmapInstallationException, errMsg except StopIteration: diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py index 1a455470e..8d1caa2bc 100644 --- a/lib/utils/hashdb.py +++ b/lib/utils/hashdb.py @@ -41,7 +41,7 @@ class HashDB(object): connection.commit() except Exception, ex: errMsg = "error occurred while opening a session " - errMsg += "file '%s' ('%s')" % (self.filepath, ex) + errMsg += "file '%s' ('%s')" % (self.filepath, getSafeExString(ex)) raise SqlmapDataException(errMsg) return threadData.hashDBCursor @@ -83,7 +83,7 @@ class HashDB(object): if not "locked" in getSafeExString(ex): raise except sqlite3.DatabaseError, ex: - errMsg = "error occurred while accessing session file '%s' ('%s'). " % (self.filepath, ex) + errMsg = "error occurred while accessing session file '%s' ('%s'). " % (self.filepath, getSafeExString(ex)) errMsg += "If the problem persists please rerun with `--flush-session`" raise SqlmapDataException, errMsg else:
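Review bot: The handler around `zipfile.ZipFile(self.current, 'r')` catches only `zipfile.error`, so a wordlist archive that is missing or unreadable would raise IOError past this message. It would then surface as an unhandled traceback rather than the SqlmapInstallationException this block is meant to produce. Unless the path is validated before this point (the method starts outside the hunk), I would widen the clause to `except (zipfile.error, IOError, OSError), ex:`.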