Minor patches (pydiatra)

Author: stamparm

extra/mssqlsig/update.py

@@ -43,7 +43,7 @@ def updateMSSQLXML():
 
  return
 
- releases = re.findall("class=\"BCC_DV_01DarkBlueTitle\">SQL Server\s(.+?)\sBuilds", mssqlVersionsHtmlString, re.I | re.M)
+ releases = re.findall("class=\"BCC_DV_01DarkBlueTitle\">SQL Server\s(.+?)\sBuilds", mssqlVersionsHtmlString, re.I)
  releasesCount = len(releases)
 
  # Create the minidom document
@@ -74,7 +74,7 @@ def updateMSSQLXML():
  stopIdx = mssqlVersionsHtmlString.index("SQL Server %s Builds" % releases[index + 1])
 
  mssqlVersionsReleaseString = mssqlVersionsHtmlString[startIdx:stopIdx]
- servicepackVersion = re.findall("</td><td>[7\.0|2000|2005|2008|2008 R2]*(.*?)</td><td.*?([\d\.]+)</td>[\r]*\n", mssqlVersionsReleaseString, re.I | re.M)
+ servicepackVersion = re.findall("</td><td>[7\.0|2000|2005|2008|2008 R2]*(.*?)</td><td.*?([\d\.]+)</td>[\r]*\n", mssqlVersionsReleaseString, re.I)
 
  for servicePack, version in servicepackVersion:
  if servicePack.startswith(" "):

extra/shutils/regressiontest.py

@@ -83,7 +83,7 @@ def main():
  if stderr:
  failure_email("Execution of regression test failed with error:\n\n%s" % stderr)
 
- failed_tests = re.findall("running live test case: (.+?) \((\d+)\/\d+\)[\r]*\n.+test failed (at parsing items: (.+))?\s*\- scan folder: (\/.+) \- traceback: (.*?)( - SQL injection not detected)?[\r]*\n", stdout, re.M)
+ failed_tests = re.findall("running live test case: (.+?) \((\d+)\/\d+\)[\r]*\n.+test failed (at parsing items: (.+))?\s*\- scan folder: (\/.+) \- traceback: (.*?)( - SQL injection not detected)?[\r]*\n", stdout)
 
  for failed_test in failed_tests:
  title = failed_test[0]

lib/controller/controller.py

@@ -140,7 +140,7 @@ def _formatInjection(inj):
  if inj.place == PLACE.CUSTOM_HEADER:
  payload = payload.split(',', 1)[1]
  if stype == PAYLOAD.TECHNIQUE.UNION:
- count = re.sub(r"(?i)(\(.+\))|(\blimit[^A-Za-z]+)", "", sdata.payload).count(',') + 1
+ count = re.sub(r"(?i)(\(.+\))|(\blimit[^a-z]+)", "", sdata.payload).count(',') + 1
  title = re.sub(r"\d+ to \d+", str(count), title)
  vector = agent.forgeUnionQuery("[QUERY]", vector[0], vector[1], vector[2], None, None, vector[5], vector[6])
  if count == 1:

lib/core/agent.py

@@ -296,7 +296,7 @@ def suffixQuery(self, expression, comment=None, suffix=None, where=None):
  elif suffix and not comment:
  expression += suffix.replace('\\', BOUNDARY_BACKSLASH_MARKER)
 
- return re.sub(r"(?s);\W*;", ";", expression)
+ return re.sub(r";\W*;", ";", expression)
 
  def cleanupPayload(self, payload, origValue=None):
  if payload is None:

lib/core/common.py

@@ -1961,7 +1961,7 @@ def getSQLSnippet(dbms, sfile, **variables):
 
  retVal = readCachedFileContent(filename)
  retVal = re.sub(r"#.+", "", retVal)
- retVal = re.sub(r"(?s);\s+", "; ", retVal).strip("\r\n")
+ retVal = re.sub(r";\s+", "; ", retVal).strip("\r\n")
 
  for _ in variables.keys():
  retVal = re.sub(r"%%%s%%" % _, variables[_], retVal)

lib/core/settings.py

@@ -19,7 +19,7 @@
 from lib.core.enums import OS
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.1.4.23"
+VERSION = "1.1.4.24"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

lib/core/target.py

@@ -532,7 +532,8 @@ def _setResultsFile():
  except (OSError, IOError), ex:
  try:
  warnMsg = "unable to create results file '%s' ('%s'). " % (conf.resultsFilename, getUnicode(ex))
- conf.resultsFilename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.RESULTS, suffix=".csv")[1]
+ handle, conf.resultsFilename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.RESULTS, suffix=".csv")
+ os.close(handle)
  conf.resultsFP = openFile(conf.resultsFilename, "w+", UNICODE_ENCODING, buffering=0)
  warnMsg += "Using temporary file '%s' instead" % conf.resultsFilename
  logger.warn(warnMsg)

lib/utils/api.py

@@ -163,7 +163,8 @@ def reset_options(self):
  self.options = AttribDict(self._original_options)
 
  def engine_start(self):
- configFile = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.CONFIG, text=True)[1]
+ handle, configFile = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.CONFIG, text=True)
+ os.close(handle)
  saveConfig(self.options, configFile)
 
  if os.path.exists("sqlmap.py"):
@@ -651,7 +652,8 @@ def server(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, adapter=REST
  REST-JSON API server
  """
  DataStore.admin_id = hexencode(os.urandom(16))
- Database.filepath = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.IPC, text=False)[1]
+ handle, Database.filepath = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.IPC, text=False)
+ os.close(handle)
 
  if port == 0: # random
  with contextlib.closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:

lib/utils/crawler.py

@@ -87,7 +87,7 @@ def crawlThread():
  tags = soup('a')
 
  if not tags:
- tags = re.finditer(r'(?si)<a[^>]+href="(?P<href>[^>"]+)"', content)
+ tags = re.finditer(r'(?i)<a[^>]+href="(?P<href>[^>"]+)"', content)
 
  for tag in tags:
  href = tag.get("href") if hasattr(tag, "get") else tag.group("href")

plugins/generic/syntax.py

@@ -22,7 +22,7 @@ def _escape(expression, quote=True, escaper=None):
  retVal = expression
 
  if quote:
- for item in re.findall(r"'[^']*'+", expression, re.S):
+ for item in re.findall(r"'[^']*'+", expression):
  _ = item[1:-1]
  if _:
  retVal = retVal.replace(item, escaper(_))