Fixes #3471

2025-01-24 16:24:25 +03:00 · 2019-02-07 17:33:16 +01:00 · 2019-02-07 17:33:16 +01:00 · ab32ad4f48
commit ab32ad4f48
parent 0a42d91934
4 changed files with 26 additions and 9 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -2994,16 +2994,21 @@ def parseSqliteTableSchema(value):
    Parses table column names and types from specified SQLite table schema
    """

+    retVal = False
+
    if value:
        table = {}
        columns = {}

        for match in re.finditer(r"(\w+)[\"'`]?\s+(INT|INTEGER|TINYINT|SMALLINT|MEDIUMINT|BIGINT|UNSIGNED BIG INT|INT2|INT8|INTEGER|CHARACTER|VARCHAR|VARYING CHARACTER|NCHAR|NATIVE CHARACTER|NVARCHAR|TEXT|CLOB|LONGTEXT|BLOB|NONE|REAL|DOUBLE|DOUBLE PRECISION|FLOAT|REAL|NUMERIC|DECIMAL|BOOLEAN|DATE|DATETIME|NUMERIC)\b", value, re.I):
+            retVal = True
            columns[match.group(1)] = match.group(2)

-        table[conf.tbl] = columns
+        table[safeSQLIdentificatorNaming(conf.tbl, True)] = columns
        kb.data.cachedColumns[conf.db] = table

+    return retVal
+
 def getTechniqueData(technique=None):
    """
    Returns injection data for technique specified
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.2.8"
+VERSION = "1.3.2.9"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/plugins/generic/databases.py
+++ b/plugins/generic/databases.py
@ -622,7 +622,13 @@ class Databases:
                            index += 1

                if Backend.isDbms(DBMS.SQLITE):
+                    if dumpMode and colList:
+                        if conf.db not in kb.data.cachedColumns:
+                            kb.data.cachedColumns[conf.db] = {}
+                        kb.data.cachedColumns[conf.db][safeSQLIdentificatorNaming(conf.tbl, True)] = dict((_,None) for _ in colList)
+                    else:
                        parseSqliteTableSchema(unArrayizeValue(values))
+
                elif not isNoneValue(values):
                    table = {}
                    columns = {}
@ -718,9 +724,15 @@ class Databases:
                    query += condQuery

                elif Backend.isDbms(DBMS.SQLITE):
+                    if dumpMode and colList:
+                        if conf.db not in kb.data.cachedColumns:
+                            kb.data.cachedColumns[conf.db] = {}
+                        kb.data.cachedColumns[conf.db][safeSQLIdentificatorNaming(conf.tbl, True)] = dict((_,None) for _ in colList)
+                    else:
                        query = rootQuery.blind.query % unsafeSQLIdentificatorNaming(tbl)
                        value = unArrayizeValue(inject.getValue(query, union=False, error=False))
-                    parseSqliteTableSchema(value)
+                        parseSqliteTableSchema(unArrayizeValue(value))
+
                    return kb.data.cachedColumns

                table = {}
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@ -30,7 +30,7 @@ c1da277517c7ec4c23e953a51b51e203  lib/controller/handler.py
 fb6be55d21a70765e35549af2484f762  lib/controller/__init__.py
 ed7874be0d2d3802f3d20184f2b280d5  lib/core/agent.py
 a932126e7d80e545c5d44af178d0bc0c  lib/core/bigarray.py
-e253cc58cb0d2bc01a68cfbe58266435  lib/core/common.py
+964885db1ac028fa622ee5ba20f061b1  lib/core/common.py
 de8d27ae6241163ff9e97aa9e7c51a18  lib/core/convert.py
 abcb1121eb56d3401839d14e8ed06b6e  lib/core/data.py
 e1f7758f433202c50426efde5eb96768  lib/core/datatype.py
@ -50,7 +50,7 @@ d5ef43fe3cdd6c2602d7db45651f9ceb  lib/core/readlineng.py
 7d8a22c582ad201f65b73225e4456170  lib/core/replication.py
 3179d34f371e0295dd4604568fb30bcd  lib/core/revision.py
 d6269c55789f78cf707e09a0f5b45443  lib/core/session.py
-ccda855c6b8c67a67867fba4047446d6  lib/core/settings.py
+0f7113b9afe5f0b0051a65bbd5d4a713  lib/core/settings.py
 4483b4a5b601d8f1c4281071dff21ecc  lib/core/shell.py
 10fd19b0716ed261e6d04f311f6f527c  lib/core/subprocessng.py
 43772ea73e9e3d446f782af591cb4eda  lib/core/target.py
@ -215,7 +215,7 @@ ec3f406591fc9472f5750bd40993e72e  plugins/dbms/sybase/syntax.py
 369476221b3059106410de05766227e0  plugins/dbms/sybase/takeover.py
 312020bc31ffb0bc6077f62e6fff6e73  plugins/generic/connector.py
 d749b7f7b4bcf1f646290dec739f1e6d  plugins/generic/custom.py
-791db3be35714c9a2e55a7abe9127da4  plugins/generic/databases.py
+69cc329dc01805c1a7d6d65534a3e719  plugins/generic/databases.py
 4cf8eb3719c980c54a92f838a999d090  plugins/generic/entries.py
 f3624debb8ae6fbcfb5f1b7f1d0743d1  plugins/generic/enumeration.py
 cda119b7b0d1afeb60f912009cdb0cf5  plugins/generic/filesystem.py