Fix the issue 7593 where I get a stacktrace when running module auxiliary/scanner/http/blind_sql_query

jinq102030 · jinq102030 · commit cdc82891d86f · 2016-11-21T17:39:09.000-06:00
Add a guard against the case when opts['vars_get'] is nil
diff --git a/lib/rex/proto/http/client_request.rb b/lib/rex/proto/http/client_request.rb
@@ -108,21 +108,21 @@ def to_s
           qstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1))
         end
       end
+      if opts.key?("vars_get") && opts['vars_get']
+        opts['vars_get'].each_pair do |var,val|
+          var = var.to_s
 
-      opts['vars_get'].each_pair do |var,val|
-        var = var.to_s
-
-        qstr << '&' if qstr.length > 0
-        qstr << (opts['encode_params'] ? set_encode_uri(var) : var)
-        # support get parameter without value
-        # Example: uri?parameter
-        if val
-          val = val.to_s
-          qstr << '='
-          qstr << (opts['encode_params'] ? set_encode_uri(val) : val)
+          qstr << '&' if qstr.length > 0
+          qstr << (opts['encode_params'] ? set_encode_uri(var) : var)
+          # support get parameter without value
+          # Example: uri?parameter
+          if val
+            val = val.to_s
+            qstr << '='
+            qstr << (opts['encode_params'] ? set_encode_uri(val) : val)
+          end
         end
       end
-
       if (opts['pad_post_params'])
         1.upto(opts['pad_post_params_count'].to_i) do |i|
           rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1)
