Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 948903f

Browse files
stamparmstamparm
committed
Fixes #4024 
1 parent 20d875a commit 948903f

3 files changed

Lines changed: 9 additions & 3 deletions

File tree

lib/core/convert.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,11 @@
3131
from thirdparty import six
3232
from thirdparty.six import unichr as _unichr
3333

34+
try:
35+
from html import escape as htmlEscape
36+
except ImportError:
37+
from cgi import escape as htmlEscape
38+
3439
def base64pickle(value):
3540
"""
3641
Serializes (with pickle) and encodes to Base64 format supplied (binary) value

lib/core/dump.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
from lib.core.convert import getConsoleLength
3232
from lib.core.convert import getText
3333
from lib.core.convert import getUnicode
34+
from lib.core.convert import htmlEscape
3435
from lib.core.data import conf
3536
from lib.core.data import kb
3637
from lib.core.data import logger
@@ -557,7 +558,7 @@ def dbTableValues(self, tableValues):
557558
else:
558559
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), conf.csvDel))
559560
elif conf.dumpFormat == DUMP_FORMAT.HTML:
560-
dataToDumpFile(dumpFP, "<th>%s</th>" % getUnicode(cgi.escape(column).encode("ascii", "xmlcharrefreplace")))
561+
dataToDumpFile(dumpFP, "<th>%s</th>" % getUnicode(htmlEscape(column).encode("ascii", "xmlcharrefreplace")))
561562

562563
field += 1
563564

@@ -629,7 +630,7 @@ def dbTableValues(self, tableValues):
629630
else:
630631
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(value), conf.csvDel))
631632
elif conf.dumpFormat == DUMP_FORMAT.HTML:
632-
dataToDumpFile(dumpFP, "<td>%s</td>" % getUnicode(cgi.escape(value).encode("ascii", "xmlcharrefreplace")))
633+
dataToDumpFile(dumpFP, "<td>%s</td>" % getUnicode(htmlEscape(value).encode("ascii", "xmlcharrefreplace")))
633634

634635
field += 1
635636

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
from thirdparty.six import unichr as _unichr
1919

2020
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
21-
VERSION = "1.3.11.118"
21+
VERSION = "1.3.12.0"
2222
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2323
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2424
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

0 commit comments

Comments
 (0)