Skip to content

Commit 0043593

Browse files
committed
Minor improvement for --parse-errors
1 parent 8ca4cff commit 0043593

File tree

3 files changed

+11
-5
lines changed

3 files changed

+11
-5
lines changed

lib/core/common.py

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2642,7 +2642,9 @@ def extractErrorMessage(page):
26422642
"""
26432643
Returns reported error message from page if it founds one
26442644
2645-
>>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>') == u'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated'
2645+
>>> extractErrorMessage(u'<html><title>Test</title>\\n<b>Warning</b>: oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated<br><p>Only a test page</p></html>')
2646+
'oci_parse() [function.oci-parse]: ORA-01756: quoted string not properly terminated'
2647+
>>> extractErrorMessage('Warning: This is only a dummy foobar test') is None
26462648
True
26472649
"""
26482650

@@ -2653,8 +2655,10 @@ def extractErrorMessage(page):
26532655
match = re.search(regex, page, re.IGNORECASE)
26542656

26552657
if match:
2656-
retVal = htmlUnescape(match.group("result")).replace("<br>", "\n").strip()
2657-
break
2658+
candidate = htmlUnescape(match.group("result")).replace("<br>", "\n").strip()
2659+
if re.search(r"\b([a-z]+ ){5}", candidate) is None: # check for legitimate (e.g. Warning:...) text
2660+
retVal = candidate
2661+
break
26582662

26592663
return retVal
26602664

lib/core/convert.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,15 +80,17 @@ def htmlUnescape(value):
8080
"""
8181

8282
retVal = value
83+
8384
if value and isinstance(value, six.string_types):
8485
replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
8586
for code, value in replacements:
8687
retVal = retVal.replace(code, value)
8788

8889
try:
89-
retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal)
90+
retVal = getText(re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal))
9091
except ValueError:
9192
pass
93+
9294
return retVal
9395

9496
def singleTimeWarnMessage(message): # Cross-referenced function

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from thirdparty.six import unichr as _unichr
1919

2020
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
21-
VERSION = "1.3.5.150"
21+
VERSION = "1.3.5.151"
2222
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2323
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2424
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

0 commit comments

Comments
 (0)