MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / getStatements

Method getStatements

plugins/generic/databases.py:1025–1101  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

1023 return kb.data.cachedCounts
1024
1025 def getStatements(self):
1026 infoMsg = "fetching SQL statements"
1027 logger.info(infoMsg)
1028
1029 rootQuery = queries[Backend.getIdentifiedDbms()].statements
1030
1031 if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
1032 if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
1033 query = rootQuery.inband.query2
1034 else:
1035 query = rootQuery.inband.query
1036
1037 while True:
1038 values = inject.getValue(query, blind=False, time=False)
1039
1040 if not isNoneValue(values):
1041 kb.data.cachedStatements = []
1042 for value in arrayizeValue(values):
1043 value = (unArrayizeValue(value) or "").strip()
1044 if not isNoneValue(value):
1045 kb.data.cachedStatements.append(value.strip())
1046
1047 elif Backend.isDbms(DBMS.PGSQL) and "current_query" not in query:
1048 query = query.replace("query", "current_query")
1049 continue
1050
1051 break
1052
1053 if not kb.data.cachedStatements and isInferenceAvailable() and not conf.direct:
1054 infoMsg = "fetching number of statements"
1055 logger.info(infoMsg)
1056
1057 query = rootQuery.blind.count
1058
1059 if Backend.isDbms(DBMS.MYSQL) and Backend.isFork(FORK.DRIZZLE):
1060 query = re.sub("INFORMATION_SCHEMA", "DATA_DICTIONARY", query, flags=re.I)
1061
1062 count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
1063
1064 if count == 0:
1065 return kb.data.cachedStatements
1066 elif not isNumPosStrValue(count):
1067 errMsg = "unable to retrieve the number of statements"
1068 raise SqlmapNoneDataException(errMsg)
1069
1070 plusOne = Backend.getIdentifiedDbms() in PLUS_ONE_DBMSES
1071 indexRange = getLimitRange(count, plusOne=plusOne)
1072
1073 for index in indexRange:
1074 value = None
1075
1076 if Backend.getIdentifiedDbms() in (DBMS.MYSQL,): # case with multiple processes
1077 query = rootQuery.blind.query3 % index
1078 identifier = unArrayizeValue(inject.getValue(query, union=False, error=False, expected=EXPECTED.INT))
1079
1080 if not isNoneValue(identifier):
1081 query = rootQuery.blind.query2 % identifier
1082 value = unArrayizeValue(inject.getValue(query, union=False, error=False, expected=EXPECTED.INT))

Callers 1

actionFunction · 0.45

Calls 15

isTechniqueAvailableFunction · 0.90
isNoneValueFunction · 0.90
arrayizeValueFunction · 0.90
unArrayizeValueFunction · 0.90
isInferenceAvailableFunction · 0.90
isNumPosStrValueFunction · 0.90
getLimitRangeFunction · 0.90
infoMethod · 0.80
getIdentifiedDbmsMethod · 0.80
isDbmsMethod · 0.80
isForkMethod · 0.80

Tested by

no test coverage detected