From 80ee687b41a0b48111d9ad871a5932b60e5e87db Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Mon, 7 May 2012 13:51:31 +0000
Subject: [PATCH] minor beauty patch
---
 lib/controller/checks.py | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 88da289d7..749c9327e 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -83,6 +83,7 @@ def checkSqlInjection(place, parameter, value):
 title = test.title
 stype = test.stype
 clause = test.clause
+ unionExtended = False
 if stype == PAYLOAD.TECHNIQUE.UNION:
 configUnion(test.request.char)
@@ -114,11 +115,7 @@ def checkSqlInjection(place, parameter, value):
 lower, upper = int(match.group(1)), int(match.group(2))
 for _ in (lower, upper):
 if _ > 1:
- infoMsg = "automatically extending ranges "
- infoMsg += "for further UNION query injection technique tests as "
- infoMsg += "there is at least one other injection technique found"
- singleTimeLogMessage(infoMsg)
-
+ unionExtended = True
 test.request.columns = re.sub(r"\b%d\b" % _, str(2 * _), test.request.columns)
 title = re.sub(r"\b%d\b" % _, str(2 * _), title)
 test.title = re.sub(r"\b%d\b" % _, str(2 * _), test.title)
@@ -437,6 +434,12 @@ def checkSqlInjection(place, parameter, value):
 warnMsg += "option"
 singleTimeWarnMessage(warnMsg)
+ if unionExtended:
+ infoMsg = "automatically extending ranges "
+ infoMsg += "for UNION query injection technique tests as "
+ infoMsg += "there is at least one other injection technique found"
+ singleTimeLogMessage(infoMsg)
+
 # Test for UNION query SQL injection
 reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix)
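Review bot: `unionExtended` in the hunk at -83 is introduced without a comment, and the two places that give it meaning sit in the later hunks, roughly 30 and 350 lines further down. A one-line comment at the initialisation would help, for example `# set when the UNION column range is doubled below; reported just before unionTest()`. It is initialised beside `title`, `stype` and `clause`, which look like per-test locals, so the flag is presumably reset for every test. The enclosing loop starts outside the hunk, so that is worth confirming.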
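Review bot: In the hunk at -437 the notice is now emitted only when this branch is reached, while the rewrite of `test.request.columns` and `test.title` in the hunk at -114 still happens as soon as the flag is set. If any path between the two skips the test (the intervening lines are outside the diff), the range is widened with no log entry at all, which the previous placement did not allow. For anyone keeping the scan log as a record of what an authorised assessment actually sent, it would also help to state the resulting range, e.g. `infoMsg += " (now %s)" % test.request.columns`; `singleTimeLogMessage` presumably de-duplicates on the text, so this would print once per distinct range. The enclosing function continues outside the hunk.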