-
Notifications
You must be signed in to change notification settings - Fork 7
/
sqli_helpers.go
126 lines (108 loc) · 2.55 KB
/
sqli_helpers.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package libinjection
import (
"strings"
)
func flag2Delimiter(flag int) byte {
switch {
case (flag & sqliFlagQuoteSingle) != 0:
return byteSingle
case (flag & sqliFlagQuoteDouble) != 0:
return byteDouble
default:
return byteNull
}
}
// OK! " \" " one backslash = escaped!
//
// " \\" " two backslash = not escaped!
// " \\\" " three backslash = escaped!
func isBackslashEscaped(str string) bool {
if strings.IndexByte(str, '\\') == -1 {
return false
}
var count = 0
for i := len(str) - 1; i >= 0; i-- {
if str[i] == '\\' {
count++
} else {
break
}
}
// if number of backslashes is odd, it is escaped
return count%2 != 0
}
func isDoubleDelimiterEscaped(str string) bool {
return len(str) >= 2 && str[0] == str[1]
}
func isByteWhite(ch byte) bool {
// ' ' space is 0x32
// '\t 0x09 \011 horizontal tab
// '\n' 0x0a \012 new line
// '\v' 0x0b \013 vertical tab
// '\f' 0x0c \014 new page
// '\r' 0x0d \015 carriage return
// 0x00 \000 null (oracle)
// 0xa0 \240 is Latin-1
return ch == ' ' || ch == '\t' || ch == '\n' || ch == '\v' || ch == '\f' || ch == '\r' || ch == '\240' || ch == '\000'
}
// Find the largest string containing certain characters.
//
// if accept is "ABC", then this function would be similar to
// regexp.match(str, "[ABC]*")
func strLenSpn(s string, length int, accept string) int {
for i := 0; i < length; i++ {
if strings.IndexByte(accept, s[i]) == -1 {
return i
}
}
return length
}
func strLenCSpn(s string, length int, accept []byte) int {
for i := 0; i < length; i++ {
if accept[s[i]] == 1 {
return i
}
}
return length
}
// This detects MySQL comments, comments that
// start with /x! We just ban these now but
// previously we attempted to parse the inside.
//
// For reference:
// the form of /x![anything]x/ or /x!12345[anything]x/
//
// MySQL3 (maybe 4), allowed this:
//
// /x!0selectx/ 1;
//
// where 0 could be any number
//
// The last version of MySQL 3 was in 2003.
//
// It is unclear if the MySQL 3 syntax was allowed
// in MySQL 4. The last version of MySQL 4 was in 2008.
func isMysqlComment(s string, pos int) bool {
// so far...
// s[pos] == '/' && s[pos+1] == '*'
if pos+2 >= len(s) {
return false
}
if s[pos+2] != '!' {
return false
}
return true
}
func toUpperCmp(a, b string) bool {
return a == strings.ToUpper(b)
}
func isKeyword(key string) byte {
return searchKeyword(key, sqlKeywords)
}
func searchKeyword(key string, keywords map[string]byte) byte {
upperKey := strings.ToUpper(key)
if val, ok := keywords[upperKey]; ok {
return val
}
return byteNull
}