mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 05:01:32 +03:00 
			
		
		
		
	Minor fix to avoid query splitting/unpacking when the statement is EXISTS()
This commit is contained in:
		
							parent
							
								
									be6e2d6a31
								
							
						
					
					
						commit
						ca33728fbc
					
				|  | @ -533,7 +533,7 @@ class Agent: | |||
|                 inbandQuery += ", " | ||||
| 
 | ||||
|             if element == position: | ||||
|                 if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query: | ||||
|                 if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query: | ||||
|                     conditionIndex = query.index(" FROM ") | ||||
|                     inbandQuery += query[:conditionIndex] | ||||
|                 else: | ||||
|  | @ -541,7 +541,7 @@ class Agent: | |||
|             else: | ||||
|                 inbandQuery += char | ||||
| 
 | ||||
|         if " FROM " in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query: | ||||
|         if " FROM " in query and "EXISTS(" not in query and not query.startswith("SELECT ") and "(CASE WHEN (" not in query: | ||||
|             conditionIndex = query.index(" FROM ") | ||||
|             inbandQuery += query[conditionIndex:] | ||||
| 
 | ||||
|  |  | |||
|  | @ -64,7 +64,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullCh | |||
|         # entry per time | ||||
|         # NOTE: I assume that only queries that get data from a table can | ||||
|         # return multiple entries | ||||
|         if " FROM " in expression: | ||||
|         if " FROM " in expression and "EXISTS(" not in expression: | ||||
|             limitRegExp = re.search(queries[kb.dbms].limitregexp.query, expression, re.I) | ||||
| 
 | ||||
|             if limitRegExp: | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user