Patch for an Issue #235

stamparm · stamparm · commit f305dde413af · 2012-11-10T11:01:29.000+01:00
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -835,6 +835,7 @@ def __setTamperingFunctions():
                 if name == "tamper" and function.func_code.co_argcount == 2:
                     found = True
                     kb.tamperFunctions.append(function)
+                    function.func_name = module.__name__
 
                     if check_priority and priority > last_priority:
                         message = "it seems that you might have mixed "
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -53,6 +53,7 @@
 from lib.core.exception import sqlmapCompressionException
 from lib.core.exception import sqlmapConnectionException
 from lib.core.exception import sqlmapSyntaxException
+from lib.core.exception import sqlmapValueException
 from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
 from lib.core.settings import DEFAULT_CONTENT_TYPE
 from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE
@@ -588,6 +589,10 @@ def queryPage(value=None, place=None, content=False, getRatioValue=False, silent
             if kb.tamperFunctions:
                 for function in kb.tamperFunctions:
                     payload = function(payload=payload, headers=auxHeaders)
+                    if not isinstance(payload, basestring):
+                        errMsg = "tamper function '%s' returns " % function.func_name
+                        errMsg += "invalid payload type ('%s')" % type(payload)
+                        raise sqlmapValueException, errMsg
 
                 value = agent.replacePayload(value, payload)
 
@@ -722,6 +727,7 @@ def _randomizeParameter(paramString, randomParameter):
                     warnMsg += "value for option '--time-sec' as possible (e.g. "
                     warnMsg += "%d or more)" % (conf.timeSec * 2)
                     logger.critical(warnMsg)
+
             elif not kb.testMode:
                 warnMsg = "it is very important not to stress the network adapter's "
                 warnMsg += "bandwidth during usage of time-based queries"
