Minor just in case update

Author: stamparm

lib/controller/checks.py

@@ -1243,7 +1243,7 @@ def _(*args, **kwargs):
             found = function(_)
         except Exception, ex:
             errMsg = "exception occurred while running "
-            errMsg += "WAF script for '%s' ('%s')" % (product, ex)
+            errMsg += "WAF script for '%s' ('%s')" % (product, getSafeExString(ex))
             logger.critical(errMsg)
 
             found = False

lib/core/common.py

@@ -853,7 +853,7 @@ def dataToTrafficFile(data):
         conf.trafficFP.flush()
     except IOError, ex:
         errMsg = "something went wrong while trying "
-        errMsg += "to write to the traffic file '%s' ('%s')" % (conf.trafficFile, ex)
+        errMsg += "to write to the traffic file '%s' ('%s')" % (conf.trafficFile, getSafeExString(ex))
         raise SqlmapSystemException(errMsg)
 
 def dataToDumpFile(dumpFile, data):
@@ -1276,7 +1276,7 @@ def parseTargetUrl():
     try:
         urlSplit = urlparse.urlsplit(conf.url)
     except ValueError, ex:
-        errMsg = "invalid URL '%s' has been given ('%s'). " % (conf.url, ex)
+        errMsg = "invalid URL '%s' has been given ('%s'). " % (conf.url, getSafeExString(ex))
         errMsg += "Please be sure that you don't have any leftover characters (e.g. '[' or ']') "
         errMsg += "in the hostname part"
         raise SqlmapGenericException(errMsg)
@@ -1824,7 +1824,7 @@ def parseXmlFile(xmlFile, handler):
             parse(stream, handler)
     except (SAXParseException, UnicodeError), ex:
         errMsg = "something seems to be wrong with "
-        errMsg += "the file '%s' ('%s'). Please make " % (xmlFile, ex)
+        errMsg += "the file '%s' ('%s'). Please make " % (xmlFile, getSafeExString(ex))
         errMsg += "sure that you haven't made any changes to it"
         raise SqlmapInstallationException, errMsg
 
@@ -1885,7 +1885,7 @@ def readCachedFileContent(filename, mode='rb'):
 	                    kb.cache.content[filename] = f.read()
                 except (IOError, OSError, MemoryError), ex:
                     errMsg = "something went wrong while trying "
-                    errMsg += "to read the content of file '%s' ('%s')" % (filename, ex)
+                    errMsg += "to read the content of file '%s' ('%s')" % (filename, getSafeExString(ex))
                     raise SqlmapSystemException(errMsg)
 
     return kb.cache.content[filename]
@@ -2004,7 +2004,7 @@ def getFileItems(filename, commentPrefix='#', unicode_=True, lowercase=False, un
                         retVal.append(line)
     except (IOError, OSError, MemoryError), ex:
         errMsg = "something went wrong while trying "
-        errMsg += "to read the content of file '%s' ('%s')" % (filename, ex)
+        errMsg += "to read the content of file '%s' ('%s')" % (filename, getSafeExString(ex))
         raise SqlmapSystemException(errMsg)
 
     return retVal if not unique else retVal.keys()

lib/core/option.py

@@ -341,7 +341,7 @@ def _parseBurpLog(content):
             content = f.read()
     except (IOError, OSError, MemoryError), ex:
         errMsg = "something went wrong while trying "
-        errMsg += "to read the content of file '%s' ('%s')" % (reqFile, ex)
+        errMsg += "to read the content of file '%s' ('%s')" % (reqFile, getSafeExString(ex))
         raise SqlmapSystemException(errMsg)
 
     if conf.scope:
@@ -386,7 +386,7 @@ def __contains__(self, name):
         tree.parse(paths.QUERIES_XML)
     except Exception, ex:
         errMsg = "something seems to be wrong with "
-        errMsg += "the file '%s' ('%s'). Please make " % (paths.QUERIES_XML, ex)
+        errMsg += "the file '%s' ('%s'). Please make " % (paths.QUERIES_XML, getSafeExString(ex))
         errMsg += "sure that you haven't made any changes to it"
         raise SqlmapInstallationException, errMsg
 
@@ -501,7 +501,7 @@ def _setCrawler():
                     status = "%d/%d links visited (%d%%)" % (i + 1, len(targets), round(100.0 * (i + 1) / len(targets)))
                     dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status), True)
             except Exception, ex:
-                errMsg = "problem occurred while crawling at '%s' ('%s')" % (target, ex)
+                errMsg = "problem occurred while crawling at '%s' ('%s')" % (target, getSafeExString(ex))
                 logger.error(errMsg)
 
 def _doSearch():
@@ -1098,7 +1098,7 @@ def _setHTTPHandlers():
         try:
             _ = urlparse.urlsplit(conf.proxy)
         except Exception, ex:
-            errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, ex)
+            errMsg = "invalid proxy address '%s' ('%s')" % (conf.proxy, getSafeExString(ex))
             raise SqlmapSyntaxException, errMsg
 
         hostnamePort = _.netloc.split(":")
@@ -2059,7 +2059,7 @@ def _saveConfig():
         config.write(confFP)
     except IOError, ex:
         errMsg = "something went wrong while trying "
-        errMsg += "to write to the configuration file '%s' ('%s')" % (conf.saveConfig, ex)
+        errMsg += "to write to the configuration file '%s' ('%s')" % (conf.saveConfig, getSafeExString(ex))
         raise SqlmapSystemException(errMsg)
 
     infoMsg = "saved command line options to the configuration file '%s'" % conf.saveConfig
@@ -2368,14 +2368,14 @@ def _basicOptionValidation():
         try:
             re.compile(conf.regexp)
         except re.error, ex:
-            errMsg = "invalid regular expression '%s' ('%s')" % (conf.regexp, ex)
+            errMsg = "invalid regular expression '%s' ('%s')" % (conf.regexp, getSafeExString(ex))
             raise SqlmapSyntaxException(errMsg)
 
     if conf.crawlExclude:
         try:
             re.compile(conf.crawlExclude)
         except re.error, ex:
-            errMsg = "invalid regular expression '%s' ('%s')" % (conf.crawlExclude, ex)
+            errMsg = "invalid regular expression '%s' ('%s')" % (conf.crawlExclude, getSafeExString(ex))
             raise SqlmapSyntaxException(errMsg)
 
     if conf.dumpTable and conf.dumpAll:

lib/core/target.py

@@ -14,6 +14,7 @@
 import urlparse
 
 from lib.core.common import Backend
+from lib.core.common import getSafeExString
 from lib.core.common import getUnicode
 from lib.core.common import hashDBRetrieve
 from lib.core.common import intersect
@@ -658,7 +659,7 @@ def _createTargetDirs():
             errMsg = "you don't have enough permissions "
         else:
             errMsg = "something went wrong while trying "
-        errMsg += "to write to the output directory '%s' (%s)" % (paths.SQLMAP_OUTPUT_PATH, ex)
+        errMsg += "to write to the output directory '%s' (%s)" % (paths.SQLMAP_OUTPUT_PATH, getSafeExString(ex))
 
         raise SqlmapMissingPrivileges(errMsg)
 

lib/core/wordlist.py

@@ -8,6 +8,7 @@
 import os
 import zipfile
 
+from lib.core.common import getSafeExString
 from lib.core.exception import SqlmapDataException
 from lib.core.exception import SqlmapInstallationException
 from lib.core.settings import UNICODE_ENCODING
@@ -45,7 +46,7 @@ def adjust(self):
                     _ = zipfile.ZipFile(self.current, 'r')
                 except zipfile.error, ex:
                     errMsg = "something seems to be wrong with "
-                    errMsg += "the file '%s' ('%s'). Please make " % (self.current, ex)
+                    errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex))
                     errMsg += "sure that you haven't made any changes to it"
                     raise SqlmapInstallationException, errMsg
                 if len(_.namelist()) == 0:
@@ -71,7 +72,7 @@ def next(self):
                 retVal = self.iter.next().rstrip()
             except zipfile.error, ex:
                 errMsg = "something seems to be wrong with "
-                errMsg += "the file '%s' ('%s'). Please make " % (self.current, ex)
+                errMsg += "the file '%s' ('%s'). Please make " % (self.current, getSafeExString(ex))
                 errMsg += "sure that you haven't made any changes to it"
                 raise SqlmapInstallationException, errMsg
             except StopIteration:

lib/utils/hashdb.py

@@ -41,7 +41,7 @@ def _get_cursor(self):
                 connection.commit()
             except Exception, ex:
                 errMsg = "error occurred while opening a session "
-                errMsg += "file '%s' ('%s')" % (self.filepath, ex)
+                errMsg += "file '%s' ('%s')" % (self.filepath, getSafeExString(ex))
                 raise SqlmapDataException(errMsg)
 
         return threadData.hashDBCursor
@@ -83,7 +83,7 @@ def retrieve(self, key, unserialize=False):
                         if not "locked" in getSafeExString(ex):
                             raise
                     except sqlite3.DatabaseError, ex:
-                        errMsg = "error occurred while accessing session file '%s' ('%s'). " % (self.filepath, ex)
+                        errMsg = "error occurred while accessing session file '%s' ('%s'). " % (self.filepath, getSafeExString(ex))
                         errMsg += "If the problem persists please rerun with `--flush-session`"
                         raise SqlmapDataException, errMsg
                     else: