Skip to content

Commit

Permalink
Potential fix for #978
Browse files Browse the repository at this point in the history
  • Loading branch information
stasinopoulos committed Nov 12, 2024
1 parent 75dee55 commit 9e65bfe
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
6 changes: 3 additions & 3 deletions src/thirdparty/flatten_json/flatten_json.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ def _construct_key(previous_key, separator, new_key):
else:
return new_key

def flatten(nested_dict, separator="_", root_keys_to_ignore=""):
def flatten(nested_dict, separator=settings.FLATTEN_JSON_SEPARATOR, root_keys_to_ignore=""):
"""
Flattens a dictionary with nested structure to a dictionary with no hierarchy
Consider ignoring keys that you are not interested in to prevent unnecessary processing
Expand Down Expand Up @@ -87,7 +87,7 @@ def _unflatten_asserts(flat_dict, separator):
settings.print_data_to_stdout(settings.print_critical_msg(err_msg))
raise SystemExit()

def unflatten(flat_dict, separator='_'):
def unflatten(flat_dict, separator=settings.FLATTEN_JSON_SEPARATOR):
"""
Creates a hierarchical dictionary from a flattened dictionary
Assumes no lists are present
Expand All @@ -112,7 +112,7 @@ def _unflatten(dic, keys, value):

return unflattened_dict

def unflatten_list(flat_dict, separator='_'):
def unflatten_list(flat_dict, separator=settings.FLATTEN_JSON_SEPARATOR):
"""
Unflattens a dictionary, first assuming no lists exist and then tries to identify lists and replaces them
This is probably not very efficient and has not been tested extensively
Expand Down
4 changes: 3 additions & 1 deletion src/utils/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -262,7 +262,7 @@ def sys_argv_errors():
DESCRIPTION = "The command injection exploiter"
AUTHOR = "Anastasios Stasinopoulos"
VERSION_NUM = "4.0"
REVISION = "111"
REVISION = "112"
STABLE_RELEASE = False
VERSION = "v"
if STABLE_RELEASE:
Expand Down Expand Up @@ -1314,6 +1314,8 @@ class END_LINE:
IGNORE_SPECIAL_CHAR_REGEX = "[^/()A-Za-z0-9.:,_+]"
IGNORE_JSON_CHAR_REGEX = r"[{}\"\[\]]"

FLATTEN_JSON_SEPARATOR = ''.join(random.choice("{}") for _ in range(10)) + "_"

PERFORM_CRACKING = False

PAGE_COMPRESSION = None
Expand Down

0 comments on commit 9e65bfe

Please sign in to comment.