From a397baa89af97d4660d9830c0de0b3de6c55a19d Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 26 May 2011 08:17:21 +0000 Subject: [PATCH] fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches --- plugins/dbms/mssqlserver/enumeration.py | 7 ++++--- plugins/dbms/oracle/enumeration.py | 5 +++-- plugins/generic/enumeration.py | 20 ++++++++++---------- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py index 971f80d45..4bcd49414 100644 --- a/plugins/dbms/mssqlserver/enumeration.py +++ b/plugins/dbms/mssqlserver/enumeration.py @@ -11,6 +11,7 @@ from lib.core.agent import agent from lib.core.common import arrayizeValue from lib.core.common import Backend from lib.core.common import getRange +from lib.core.common import isNoneValue from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable from lib.core.common import safeSQLIdentificatorNaming @@ -93,7 +94,7 @@ class Enumeration(GenericEnumeration): query = rootQuery.inband.query % db value = inject.getValue(query, blind=False) - if value: + if not isNoneValue(value): kb.data.cachedTables[db] = arrayizeValue(value) if not kb.data.cachedTables and not conf.direct: @@ -186,7 +187,7 @@ class Enumeration(GenericEnumeration): query += tblQuery values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ] @@ -279,7 +280,7 @@ class Enumeration(GenericEnumeration): query += " AND %s" % colQuery.replace("[DB]", db) values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ] diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py index 032225e49..8cc0fe412 100644 --- a/plugins/dbms/oracle/enumeration.py +++ b/plugins/dbms/oracle/enumeration.py @@ -10,6 +10,7 @@ See the file 'doc/COPYING' for copying permission from lib.core.agent import agent from lib.core.common import Backend from lib.core.common import getRange +from lib.core.common import isNoneValue from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable from lib.core.common import safeSQLIdentificatorNaming @@ -64,7 +65,7 @@ class Enumeration(GenericEnumeration): return self.getRoles(query2=True) - if values: + if not isNoneValue(values): for value in values: user = None roles = set() @@ -204,7 +205,7 @@ class Enumeration(GenericEnumeration): query += colQuery values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ] diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py index ea73cf2d1..e410b58e1 100644 --- a/plugins/generic/enumeration.py +++ b/plugins/generic/enumeration.py @@ -175,7 +175,7 @@ class Enumeration: query = rootQuery.inband.query value = inject.getValue(query, blind=False) - if value: + if not isNoneValue(value): kb.data.cachedUsers = arrayizeValue(value) if not kb.data.cachedUsers and not conf.direct: @@ -272,7 +272,7 @@ class Enumeration: else: value = inject.getValue(query, blind=False) - if value: + if not isNoneValue(value): for user, password in value: if not user or user == " ": continue @@ -467,7 +467,7 @@ class Enumeration: return self.getPrivileges(query2=True) - if values: + if not isNoneValue(values): for value in values: user = None privileges = set() @@ -683,7 +683,7 @@ class Enumeration: query = rootQuery.inband.query value = inject.getValue(query, blind=False) - if value: + if not isNoneValue(value): kb.data.cachedDbs = arrayizeValue(value) if not kb.data.cachedDbs and not conf.direct: @@ -826,7 +826,7 @@ class Enumeration: value = inject.getValue(query, blind=False) value = filter(lambda x: x, value) - if value: + if not isNoneValue(value): if Backend.isDbms(DBMS.SQLITE): if isinstance(value, basestring): value = [[ DBMS.SQLITE, value ]] @@ -1073,12 +1073,12 @@ class Enumeration: if Backend.isDbms(DBMS.SQLITE): parseSqliteTableSchema(value) - elif value: + elif not isNoneValue(value): table = {} columns = {} for columnData in value: - if columnData[0] is not None: + if not isNoneValue(columnData): name = safeSQLIdentificatorNaming(columnData[0]) if len(columnData) == 1: @@ -1836,7 +1836,7 @@ class Enumeration: query += exclDbsQuery values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ] @@ -1946,7 +1946,7 @@ class Enumeration: query += exclDbsQuery values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ] @@ -2109,7 +2109,7 @@ class Enumeration: query += exclDbsQuery values = inject.getValue(query, blind=False) - if values: + if not isNoneValue(values): if isinstance(values, basestring): values = [ values ]