c08c98415395b76371581432be55381f0f6e2b40,w3af/plugins/audit/format_string.py,format_string,_analyze_result,#format_string#Any#Any#,58
Before Change
//
// I will only report the vulnerability once.
//
if self._has_no_bug(mutant):
for error in self.ERROR_STRINGS:
// Check if the error string is in the response
if error in response.body and \
error not in mutant.get_original_response_body():
desc = "A possible (detection is really hard...) format"\
" string vulnerability was found at: %s"
desc = desc % mutant.found_at()
v = Vuln.from_mutant("Format string vulnerability", desc,
severity.MEDIUM, response.id,
self.get_name(), mutant)
v.add_to_highlight(error)
self.kb_append_uniq(self, "format_string", v)
break
def _get_string_list(self):
:return: This method returns a list of format strings.
After Change
//
// I will only report the vulnerability once.
//
if self._has_bug(mutant):
return
for error in self.ERROR_STRINGS:
// Check if the error string is in the response
if error not in response.body:
continue
if error in mutant.get_original_response_body():
continue
desc = ("A possible (detection is really hard...) format"
" string vulnerability was found at: %s")
desc %= mutant.found_at()
In pattern: SUPERPATTERN
Frequency: 3
Non-data size: 13
Instances Project Name: andresriancho/w3af
Commit Name: c08c98415395b76371581432be55381f0f6e2b40
Time: 2018-01-09
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/format_string.py
Class Name: format_string
Method Name: _analyze_result
Project Name: andresriancho/w3af
Commit Name: 2add7b48cc1d9172133f26f801f3d65ff84b8345
Time: 2017-11-28
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/mx_injection.py
Class Name: mx_injection
Method Name: _analyze_result
Project Name: andresriancho/w3af
Commit Name: 67f0fec6d97c83b8e26957281b976c2c54e43374
Time: 2017-11-29
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/preg_replace.py
Class Name: preg_replace
Method Name: _analyze_result
