From 5e358b51f94197511c747902ca8656d7a38893a9 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 4 Apr 2012 09:25:05 +0000
Subject: [PATCH] few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')
---
 lib/takeover/udf.py | 5 +++--
 lib/utils/resume.py | 5 +++--
 plugins/dbms/mssqlserver/filesystem.py | 3 ++-
 plugins/dbms/mysql/filesystem.py | 4 ++--
 plugins/dbms/oracle/enumeration.py | 2 +-
 plugins/generic/filesystem.py | 8 +++++---
 6 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/lib/takeover/udf.py b/lib/takeover/udf.py
index 22b22cd7e..78130785f 100644
--- a/lib/takeover/udf.py
+++ b/lib/takeover/udf.py
@@ -18,8 +18,9 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import queries
-from lib.core.enums import CHARSET_TYPE
 from lib.core.enums import DBMS
+from lib.core.enums import CHARSET_TYPE
+from lib.core.enums import EXPECTED
 from lib.core.enums import OS
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapFilePathException
@@ -54,7 +55,7 @@ class UDF:
 logger.info("checking if UDF '%s' already exist" % udf)
 query = agent.forgeCaseStatement(queries[Backend.getIdentifiedDbms()].check_udf.query % (udf, udf))
- exists = inject.getValue(query, resumeValue=False, charsetType=CHARSET_TYPE.DIGITS)
+ exists = inject.getValue(query, resumeValue=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 if exists == "1":
 return True
diff --git a/lib/utils/resume.py b/lib/utils/resume.py
index ffad54686..a421d588a 100644
--- a/lib/utils/resume.py
+++ b/lib/utils/resume.py
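Review bot: In lib/takeover/udf.py (hunk at -54), the unchanged check `if exists == "1":` still compares against a string although the call above it now passes `expected=EXPECTED.INT`. If that option makes `inject.getValue` return an integer, the comparison is always false and an existing UDF would be reported as missing; the oracle/enumeration.py hunk in this commit switches to `count != 0`, which suggests an integer can come back. Accepting both forms, `if exists in (1, "1"):`, keeps the check correct whichever type is returned. The function body starts and ends outside the hunk, so the return type should be confirmed against `inject.getValue` itself.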
@@ -22,8 +22,9 @@ from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.data import queries
-from lib.core.enums import CHARSET_TYPE
 from lib.core.enums import DBMS
+from lib.core.enums import CHARSET_TYPE
+from lib.core.enums import EXPECTED
 from lib.core.unescaper import unescaper
 from lib.techniques.blind.inference import bisection
@@ -70,7 +71,7 @@ def queryOutputLength(expression, payload):
 start = time.time()
 lengthExprUnescaped = unescaper.unescape(lengthExpr)
- count, length = bisection(payload, lengthExprUnescaped, charsetType=CHARSET_TYPE.DIGITS)
+ count, length = bisection(payload, lengthExprUnescaped, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 debugMsg = "performed %d queries in %d seconds" % (count, calculateDeltaSeconds(start))
 logger.debug(debugMsg)
diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py
index 9afd80ed1..5661bb184 100644
--- a/plugins/dbms/mssqlserver/filesystem.py
+++ b/plugins/dbms/mssqlserver/filesystem.py
@@ -19,6 +19,7 @@ from lib.core.common import randomStr
 from lib.core.data import conf
 from lib.core.data import logger
 from lib.core.enums import CHARSET_TYPE
+from lib.core.enums import EXPECTED
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapNoneDataException
 from lib.core.exception import sqlmapUnsupportedFeatureException
@@ -97,7 +98,7 @@ class Filesystem(GenericFilesystem):
 if not result:
 result = []
- count = inject.getValue("SELECT COUNT(*) FROM %s" % (hexTbl), resumeValue=False, charsetType=CHARSET_TYPE.DIGITS)
+ count = inject.getValue("SELECT COUNT(*) FROM %s" % (hexTbl), resumeValue=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 if not isNumPosStrValue(count):
 errMsg = "unable to retrieve the content of the "
diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py
index 80d2dd177..a9814326c 100644
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
@@ -10,11 +10,11 @@ See the file 'doc/COPYING' for copying permission
 from lib.core.common import isNumPosStrValue
 from lib.core.common import randomStr
 from lib.core.common import singleTimeWarnMessage
-from lib.core.common import unArrayizeValue
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.enums import CHARSET_TYPE
+from lib.core.enums import EXPECTED
 from lib.core.enums import PLACE
 from lib.core.exception import sqlmapNoneDataException
 from lib.request import inject
@@ -52,7 +52,7 @@ class Filesystem(GenericFilesystem):
 logger.debug(debugMsg)
 inject.goStacked("LOAD DATA INFILE '%s' INTO TABLE %s FIELDS TERMINATED BY '%s' (%s)" % (tmpFile, self.fileTblName, randomStr(10), self.tblField))
- length = unArrayizeValue(inject.getValue("SELECT LENGTH(%s) FROM %s" % (self.tblField, self.fileTblName), unique=False, resumeValue=False, charsetType=CHARSET_TYPE.DIGITS))
+ length = inject.getValue("SELECT LENGTH(%s) FROM %s" % (self.tblField, self.fileTblName), unique=False, resumeValue=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 if not isNumPosStrValue(length):
 errMsg = "unable to retrieve the content of the "
diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py
index fefc44bc3..b5669b56b 100644
--- a/plugins/dbms/oracle/enumeration.py
+++ b/plugins/dbms/oracle/enumeration.py
@@ -123,7 +123,7 @@ class Enumeration(GenericEnumeration):
 count = inject.getValue(query, inband=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
 if not isNumPosStrValue(count):
- if not count.isdigit() and not query2:
+ if count != 0 and not query2:
 infoMsg = "trying with table USER_SYS_PRIVS"
 logger.info(infoMsg)
diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py
index ef33fa9ea..a2f4a2899 100644
--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
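Review bot: In plugins/dbms/mysql/filesystem.py (hunk at -52), dropping the `unArrayizeValue(...)` wrapper leaves `length` unprotected if `inject.getValue` can still return a list for this `unique=False` query. The oracle/enumeration.py call already passed `expected=EXPECTED.INT` before this commit, and its `.isdigit()` line is one of those changed for the reported `'list' object has no attribute 'isdigit'` error, so that option alone may not guarantee a scalar; this cannot be confirmed from the hunk. Unless `getValue` is known to flatten the result, keep the new call wrapped in `unArrayizeValue(...)` and keep the `from lib.core.common import unArrayizeValue` line that the first hunk of this file removes. The enclosing method starts and ends outside the hunk.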
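Review bot: In plugins/dbms/oracle/enumeration.py, `count != 0` is true for every non-integer value, including the string `"0"`, `None` and a list, so whether the USER_SYS_PRIVS fallback runs now depends on the type `inject.getValue` happens to return. The removed `not count.isdigit()` skipped the fallback for any all-digit string; if a digit string can still arrive here, a `"0"` result now triggers a second query that the old code avoided. Comparing against both forms, `if count not in (0, "0") and not query2:`, keeps the earlier meaning and is still safe for `None` and lists. A one-line comment saying that the fallback is meant for a failed retrieval rather than a zero count would record the intent; the enclosing method lies outside the hunk.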
@@ -14,13 +14,15 @@ import os
 from lib.core.agent import agent
 from lib.core.common import dataToOutFile
 from lib.core.common import Backend
+from lib.core.common import isNumPosStrValue
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.data import conf
 from lib.core.data import logger
-from lib.core.enums import CHARSET_TYPE
 from lib.core.enums import DBMS
+from lib.core.enums import CHARSET_TYPE
+from lib.core.enums import EXPECTED
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapUndefinedMethod
 from lib.request import inject
@@ -110,9 +112,9 @@ class Filesystem:
 wFileSize = os.path.getsize(wFile)
 logger.debug("checking if the %s file has been written" % fileType)
- dFileSize = inject.getValue(lengthQuery, resumeValue=False, charsetType=CHARSET_TYPE.DIGITS)
+ dFileSize = inject.getValue(lengthQuery, resumeValue=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
- if dFileSize and dFileSize.isdigit():
+ if isNumPosStrValue(dFileSize):
 infoMsg = "the file has been successfully written and "
 infoMsg += "its size is %s bytes" % dFileSize
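Review bot: In plugins/generic/filesystem.py (hunk at -110), `isNumPosStrValue(dFileSize)` is not equivalent to the `dFileSize and dFileSize.isdigit()` it replaces if, as its name suggests, it accepts only positive values. A reported size of `"0"` passed the old test and would now take the other branch, which is outside the hunk. `wFileSize` comes from `os.path.getsize` and is an int, while `dFileSize` may now be an int or a digit string, so any later size comparison should normalise first, for example `dFileSize = int(dFileSize)` as the first statement of this branch. A short comment stating which types `inject.getValue` can return with `expected=EXPECTED.INT` would make the assumption explicit.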