From b7411211af01f302dcbec3d2a0e751f971fe7f28 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Sat, 17 Dec 2022 14:46:00 +0100
Subject: [PATCH] Fixes #5262

---
 lib/core/settings.py |  2 +-
 lib/utils/api.py     | 25 +++++++++++++++----------
 2 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/lib/core/settings.py b/lib/core/settings.py
index 65b27b16f..b81a77880 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.6.12.5"
+VERSION = "1.6.12.6"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/utils/api.py b/lib/utils/api.py
index 363b5bea2..6fa8c0ab2 100644
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@@ -17,6 +17,7 @@ import socket
 import sqlite3
 import sys
 import tempfile
+import threading
 import time
 
 from lib.core.common import dataToStdout
@@ -88,6 +89,7 @@ class Database(object):
     def connect(self, who="server"):
         self.connection = sqlite3.connect(self.database, timeout=3, isolation_level=None, check_same_thread=False)
         self.cursor = self.connection.cursor()
+        self.lock = threading.Lock()
         logger.debug("REST-JSON API %s connected to IPC database" % who)
 
     def disconnect(self):
@@ -101,17 +103,20 @@ class Database(object):
         self.connection.commit()
 
     def execute(self, statement, arguments=None):
-        while True:
-            try:
-                if arguments:
-                    self.cursor.execute(statement, arguments)
+        with self.lock:
+            while True:
+                try:
+                    if arguments:
+                        self.cursor.execute(statement, arguments)
+                    else:
+                        self.cursor.execute(statement)
+                except sqlite3.OperationalError as ex:
+                    if "locked" not in getSafeExString(ex):
+                        raise
+                    else:
+                        time.sleep(1)
                 else:
-                    self.cursor.execute(statement)
-            except sqlite3.OperationalError as ex:
-                if "locked" not in getSafeExString(ex):
-                    raise
-            else:
-                break
+                    break
 
         if statement.lstrip().upper().startswith("SELECT"):
             return self.cursor.fetchall()