
Commit 03ef53f

committed
update regarding mysql function resolution and versionedkeywords
1 parent bfd923f commit 03ef53f

2 files changed

Lines changed: 6 additions & 1 deletion


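--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -342,3 +342,7 @@
 
 # Percentage below which comparison engine could have problems
 LOW_TEXT_PERCENT = 20
+
+# These MySQL keywords can't go (alone) into versioned comment form (/*!...*/)
+# Reference: http://dev.mysql.com/doc/refman/5.1/en/function-resolution.html
+IGNORE_SPACE_AFFECTED_KEYWORDS = ("CAST", "COUNT", "EXTRACT", "GROUP_CONCAT", "MAX", "MID", "MIN", "SESSION_USER", "SUBSTR", "SUBSTRING", "SUM", "SYSTEM_USER", "TRIM")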
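Review bot: The new tuple `IGNORE_SPACE_AFFECTED_KEYWORDS` carries an unstated contract: the only consumer visible in this commit, `process()` in tamper/versionedkeywords.py, tests it against `word.upper()`, so a lower- or mixed-case entry added later would silently never match. I would state that next to the constant, for example `# Entries must be upper-case; callers compare against word.upper()`. The comment could also say in a few words why these names are excluded, instead of leaving the reason entirely to the linked page, which is pinned to the 5.1 manual and may move.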

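--- a/tamper/versionedkeywords.py
+++ b/tamper/versionedkeywords.py
@@ -12,6 +12,7 @@
 from lib.core.common import randomRange
 from lib.core.data import kb
 from lib.core.enums import PRIORITY
+from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
 
 __priority__ = PRIORITY.NORMAL
 
@@ -23,7 +24,7 @@ def tamper(payload):
 
 def process(match):
 word = match.group('word')
-if word.upper() in kb.keywords and word.upper() not in ["CAST", "COUNT"]: # keywords that can't be commented out
+if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS:
 return match.group().replace(word, "/*!%s*/" % word)
 else:
 return match.group()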
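Review bot: The rewritten condition in `process()` calls `word.upper()` twice; binding it once keeps both membership tests visibly on the same value: `keyword = word.upper()` followed by `if keyword in kb.keywords and keyword not in IGNORE_SPACE_AFFECTED_KEYWORDS:`. The change also drops the inline comment that explained the exclusion, so a reader of this file no longer sees why some keywords are skipped; a short pointer such as `# excluded names: see IGNORE_SPACE_AFFECTED_KEYWORDS in lib/core/settings.py` would restore that. `process()` appears to be nested in `tamper()`, whose body begins and ends outside this hunk.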
