Implementing MAX_CONNECTION_TOTAL_SIZE check for websocket responses

2026-06-12 03:05:09 +00:00 · 2026-06-05 12:33:26 +02:00 · 2026-06-05 12:33:26 +02:00 · b702cbae88
commit b702cbae88
parent 7dc414b06b
3 changed files with 7 additions and 3 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -20,7 +20,7 @@ from lib.core.enums import OS
 from thirdparty import six

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.6.39"
+VERSION = "1.10.6.40"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -530,6 +530,10 @@ class Connect(object):
                    while True:
                        try:
                            _page.append(ws.recv())
+                            if sum(len(_) for _ in _page) > MAX_CONNECTION_TOTAL_SIZE:
+                                warnMsg = "too large websocket response detected. Automatically trimming it"
+                                singleTimeWarnMessage(warnMsg)
+                                break
                        except websocket.WebSocketTimeoutException:
                            kb.webSocketRecvCount = len(_page)
                            break