Commit 025e9ac

Fix the logic used for --param-exclude
The current logic will skip all existing parameters if no param-exclude is defined. This breaks previous behaviour, makes it harder to use the tool and is quite confusing. The new logic will always check the parameter is set before running any other checks instead of short-circuiting on an empty (always true) regexp.
1 parent 89bbf52 commit 025e9ac

1 file changed

+1
-1
lines changed

lib/controller/controller.py

Lines changed: 1 addition & 1 deletion
@@ -470,7 +470,7 @@ def start():
470470
infoMsg = "skipping %s parameter '%s'" % (paramType, parameter)
471471
logger.info(infoMsg)
472472

473-
elif re.search(conf.paramExclude or "", parameter, re.I) or kb.postHint and re.search(conf.paramExclude or "", parameter.split(' ')[-1], re.I):
473+
elif conf.paramExclude and (re.search(conf.paramExclude, parameter, re.I) or kb.postHint and re.search(conf.paramExclude, parameter.split(' ')[-1], re.I)):
474474
testSqlInj = False
475475

476476
infoMsg = "skipping %s parameter '%s'" % (paramType, parameter)
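
Review bot: On the added line 473 the inner expression `re.search(...) or kb.postHint and re.search(...)` still relies on `and` binding tighter than `or`. Since an outer pair of parentheses is being introduced here anyway, wrap `kb.postHint and re.search(conf.paramExclude, parameter.split(' ')[-1], re.I)` in its own parentheses so the grouping is explicit to the next reader. A one-line comment above the `elif` noting that an empty pattern matches every parameter would help keep the `or ""` fallback from being reintroduced, and a regression test with `conf.paramExclude` unset would pin the behaviour the commit message describes.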
