[pull] master from sqlmapproject:master

data/txt/sha256sums.txt

@@ -166,12 +166,12 @@ eed1db5da17eca4c65a8f999166e2246eef84397687ae820bbe4984ef65a09df  extra/vulnserv
 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811  lib/controller/__init__.py
 216c9399853b7454d36dcb552baf9f1169ec7942897ddc46504684325cb6ce00  lib/core/agent.py
 fbba89420acafcdb9ba1a95428cf2161b13cfa2d1a7ad7d5e70c14b0e04861f0  lib/core/bigarray.py
-e56ab9dafa97b1bff42a04bf50ec558ecbe0703cbdcc59d22ced05f82955024d  lib/core/common.py
+567c53222bc59f2aaba97ce9ba7613848ff0609007cc5dfc57051da34d76e41b  lib/core/common.py
 11c748cc96ea2bc507bc6c1930a17fe4bc6fdd2dd2a80430df971cb21428eb00  lib/core/compat.py
-5a2607c9ffd48e6ae98fb142590ad9f588e19064fa84d6f5e662891228edc0fe  lib/core/convert.py
+34bcabad7602d6a5b79a517af8a71cc2bf21e34dfe695f9f8b9c41583a37aaef  lib/core/convert.py
 ae500647c4074681749735a4f3b17b7eca44868dd3f39f9cab0a575888ba04a1  lib/core/data.py
 ffae7cfe9f9afb92e887b9a8dbc1630d0063e865f35984ae417b04a4513e5024  lib/core/datatype.py
-38d30ecb10783f0ff58a255c801db8324ef2ac23516c7600a9e177b459d99750  lib/core/decorators.py
+322978f03cd69f7c98f2ea2cbe7567ab4f386b6c0548dcdf09064a6e9c393383  lib/core/decorators.py
 d573a37bb00c8b65f75b275aa92549683180fb209b75fd0ff3870e3848939900  lib/core/defaults.py
 bb7e6521edad1cbfffa89fd7d5e255ed4ff148d984ffadbeac8d42baa2d76dea  lib/core/dicts.py
 20a6edda1d57a7564869e366f57ed7b2ab068dd8716cf7a10ef4a02d154d6c80  lib/core/dump.py
@@ -188,7 +188,7 @@ c4bfb493a03caf84dd362aec7c248097841de804b7413d0e1ecb8a90c8550bc0  lib/core/readl
 d1bd70c1a55858495c727fbec91e30af267459c8f64d50fabf9e4ee2c007e920  lib/core/replication.py
 1d0f80b0193ac5204527bfab4bde1a7aee0f693fd008e86b4b29f606d1ef94f3  lib/core/revision.py
 d2eb8e4b05ac93551272b3d4abfaf5b9f2d3ac92499a7704c16ed0b4f200db38  lib/core/session.py
-a1dcf0c3a40fa8b80d898f182577ceeb5609f105396dcee90aefe64fa23803b0  lib/core/settings.py
+2913a56b7d556e351ba919299a7fc40f6fe9a44239ce0d7cdf657d5c25c6e7fb  lib/core/settings.py
 1c5eab9494eb969bc9ce118a2ea6954690c6851cbe54c18373c723b99734bf09  lib/core/shell.py
 4eea6dcf023e41e3c64b210cb5c2efc7ca893b727f5e49d9c924f076bb224053  lib/core/subprocessng.py
 cdd352e1331c6b535e780f6edea79465cb55af53aa2114dcea0e8bf382e56d1a  lib/core/target.py

lib/core/common.py

@@ -3339,14 +3339,14 @@ def filterNone(values):
     """
     Emulates filterNone([...]) functionality
 
-    >>> filterNone([1, 2, "", None, 3])
-    [1, 2, 3]
+    >>> filterNone([1, 2, "", None, 3, 0])
+    [1, 2, 3, 0]
     """
 
     retVal = values
 
     if isinstance(values, _collections.Iterable):
-        retVal = [_ for _ in values if _]
+        retVal = [_ for _ in values if _ or _ == 0]
 
     return retVal
 
@@ -5017,6 +5017,10 @@ def extractExpectedValue(value, expected):
 
     >>> extractExpectedValue(['1'], EXPECTED.BOOL)
     True
+    >>> extractExpectedValue(['17'], EXPECTED.BOOL)
+    True
+    >>> extractExpectedValue(['0'], EXPECTED.BOOL)
+    False
     >>> extractExpectedValue('1', EXPECTED.INT)
     1
     >>> extractExpectedValue('7\\xb9645', EXPECTED.INT) is None
@@ -5037,10 +5041,10 @@ def extractExpectedValue(value, expected):
                     value = value == "true"
                 elif value in ('t', 'f'):
                     value = value == 't'
-                elif value in ("1", "-1"):
-                    value = True
                 elif value == '0':
                     value = False
+                elif re.search(r"\A-?[1-9]\d*\Z", value):
+                    value = True
                 else:
                     value = None
         elif expected == EXPECTED.INT:

lib/core/convert.py

@@ -58,7 +58,7 @@ def base64pickle(value):
         try:
             retVal = encodeBase64(pickle.dumps(value), binary=False)
         except:
-            retVal = encodeBase64(pickle.dumps(str(value), PICKLE_PROTOCOL), binary=False)
+            raise
 
     return retVal
 
@@ -81,25 +81,28 @@ def base64unpickle(value):
 
 def htmlUnescape(value):
     """
-    Returns (basic conversion) HTML unescaped value
+    Returns HTML unescaped value
 
     >>> htmlUnescape('a&lt;b') == 'a<b'
     True
+    >>> htmlUnescape('a&lt;b') == 'a<b'
+    True
+    >>> htmlUnescape('&#x66;&#x6f;&#x6f;&#x62;&#x61;&#x72;') == 'foobar'
+    True
+    >>> htmlUnescape('&#102;&#111;&#111;&#98;&#97;&#114;') == 'foobar'
+    True
+    >>> htmlUnescape('&copy;&euro;') == htmlUnescape('&#xA9;&#x20AC;')
+    True
     """
 
-    retVal = value
-
     if value and isinstance(value, six.string_types):
-        replacements = (("&lt;", '<'), ("&gt;", '>'), ("&quot;", '"'), ("&nbsp;", ' '), ("&amp;", '&'), ("&apos;", "'"))
-        for code, value in replacements:
-            retVal = retVal.replace(code, value)
-
-        try:
-            retVal = re.sub(r"&#x([^ ;]+);", lambda match: _unichr(int(match.group(1), 16)), retVal)
-        except (ValueError, OverflowError):
-            pass
-
-    return retVal
+        if six.PY3:
+            import html
+            return html.unescape(value)
+        else:
+            from six.moves import html_parser
+            return html_parser.HTMLParser().unescape(value)
+    return value
 
 def singleTimeWarnMessage(message):  # Cross-referenced function
     sys.stdout.write(message)
@@ -143,13 +146,19 @@ def rot13(data):
     'sbbone jnf urer!!'
     >>> rot13('sbbone jnf urer!!')
     'foobar was here!!'
+    >>> rot13(b'foobar was here!!')
+    'sbbone jnf urer!!'
     """
 
-    # Reference: https://stackoverflow.com/a/62662878
     retVal = ""
     alphabit = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ"
+
+    if isinstance(data, six.binary_type):
+        data = getText(data)
+
     for char in data:
         retVal += alphabit[alphabit.index(char) + 13] if char in alphabit else char
+
     return retVal
 
 def decodeHex(value, binary=True):
@@ -190,10 +199,12 @@ def encodeHex(value, binary=True):
     '313233'
     >>> encodeHex(b"123"[0]) == b"31"
     True
+    >>> encodeHex(123, binary=False)
+    '7b'
     """
 
     if isinstance(value, int):
-        value = six.unichr(value)
+        value = six.int2byte(value)
 
     if isinstance(value, six.text_type):
         value = value.encode(UNICODE_ENCODING)

lib/core/decorators.py

@@ -49,16 +49,21 @@ def _f(*args, **kwargs):
         )
         try:
             key = struct.unpack(">Q", hashlib.md5("`".join(parts).encode(UNICODE_ENCODING)).digest()[:8])[0] & 0x7fffffffffffffff
-        except ValueError:  # https://github.com/sqlmapproject/sqlmap/issues/4281 (NOTE: non-standard Python behavior where hexdigest returns binary value)
+        except (struct.error, ValueError):  # https://github.com/sqlmapproject/sqlmap/issues/4281 (NOTE: non-standard Python behavior where hexdigest returns binary value)
             result = f(*args, **kwargs)
         else:
             lock, cache = _method_locks[f], _cache[f]
+
+            with lock:
+                if key in cache:
+                    return cache[key]
+
+            result = f(*args, **kwargs)
+
             with lock:
-                try:
-                    result = cache[key]
-                except KeyError:
-                    result = f(*args, **kwargs)
-                    cache[key] = result
+                cache[key] = result
+
+            return result
 
         return result
 

lib/core/settings.py

@@ -19,7 +19,7 @@
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.9.12.19"
+VERSION = "1.9.12.24"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)