just a makeup

stamparm · stamparm · commit 2b05ded9c3a2 · 2012-02-07T12:05:23.000Z
diff --git a/lib/core/agent.py b/lib/core/agent.py
@@ -26,7 +26,7 @@
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PLACE
 from lib.core.exception import sqlmapNoneDataException
-from lib.core.settings import FROM_TABLE
+from lib.core.settings import FROM_DUMMY_TABLE
 from lib.core.settings import PAYLOAD_DELIMITER
 from lib.core.settings import URI_INJECTION_MARK_CHAR
 from lib.core.unescaper import unescaper
@@ -559,7 +559,7 @@ def forgeInbandQuery(self, query, position, count, comment, prefix, suffix, char
 
         if limited:
             inbandQuery += ",".join(char if _ != position else '(SELECT %s)' % query for _ in xrange(0, count))
-            inbandQuery += FROM_TABLE.get(Backend.getIdentifiedDbms(), "")
+            inbandQuery += FROM_DUMMY_TABLE.get(Backend.getIdentifiedDbms(), "")
             inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
 
             return inbandQuery
@@ -576,8 +576,8 @@ def forgeInbandQuery(self, query, position, count, comment, prefix, suffix, char
             intoRegExp = intoRegExp.group(1)
             query = query[:query.index(intoRegExp)]
 
-        if Backend.getIdentifiedDbms() in FROM_TABLE and inbandQuery.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
-            inbandQuery = inbandQuery[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])]
+        if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and inbandQuery.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
+            inbandQuery = inbandQuery[:-len(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()])]
 
         for element in xrange(0, count):
             if element > 0:
@@ -596,9 +596,9 @@ def forgeInbandQuery(self, query, position, count, comment, prefix, suffix, char
             conditionIndex = query.index(" FROM ")
             inbandQuery += query[conditionIndex:]
 
-        if Backend.getIdentifiedDbms() in FROM_TABLE:
+        if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE:
             if " FROM " not in inbandQuery or "(CASE " in inbandQuery or "(IIF" in inbandQuery:
-                inbandQuery += FROM_TABLE[Backend.getIdentifiedDbms()]
+                inbandQuery += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
 
         if intoRegExp:
             inbandQuery += intoRegExp
@@ -615,8 +615,8 @@ def forgeInbandQuery(self, query, position, count, comment, prefix, suffix, char
                 else:
                     inbandQuery += char
 
-            if Backend.getIdentifiedDbms() in FROM_TABLE:
-                inbandQuery += FROM_TABLE[Backend.getIdentifiedDbms()]
+            if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE:
+                inbandQuery += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
 
         inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
 
@@ -747,8 +747,8 @@ def forgeCaseStatement(self, expression):
         if Backend.getIdentifiedDbms() is not None and hasattr(queries[Backend.getIdentifiedDbms()], "case"):
             caseExpression = queries[Backend.getIdentifiedDbms()].case.query % expression
 
-            if "(IIF" not in caseExpression and Backend.getIdentifiedDbms() in FROM_TABLE and not caseExpression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
-                caseExpression += FROM_TABLE[Backend.getIdentifiedDbms()]
+            if "(IIF" not in caseExpression and Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and not caseExpression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
+                caseExpression += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
 
         return caseExpression
 
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -2370,13 +2370,11 @@ def aliasToDbmsEnum(dbms):
 
     retVal = None
 
-    if dbms is None:
-        return None
-
-    for key, item in DBMS_DICT.items():
-        if dbms.lower() in item[0] or dbms.lower() == key.lower():
-            retVal = key
-            break
+    if dbms:
+        for key, item in DBMS_DICT.items():
+            if dbms.lower() in item[0] or dbms.lower() == key.lower():
+                retVal = key
+                break
 
     return retVal
 
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -182,7 +182,7 @@
 REFERER_ALIASES = ( "ref", "referer", "referrer" )
 HOST_ALIASES = ( "host", )
 
-FROM_TABLE = {
+FROM_DUMMY_TABLE = {
                         DBMS.ORACLE: " FROM DUAL",
                         DBMS.ACCESS: " FROM MSysAccessObjects",
                         DBMS.FIREBIRD: " FROM RDB$DATABASE",
diff --git a/lib/request/inject.py b/lib/request/inject.py
@@ -36,7 +36,7 @@
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapNotVulnerableException
 from lib.core.exception import sqlmapUserQuitException
-from lib.core.settings import FROM_TABLE
+from lib.core.settings import FROM_DUMMY_TABLE
 from lib.core.settings import MIN_TIME_RESPONSES
 from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
 from lib.core.settings import SQL_SCALAR_REGEX
@@ -159,8 +159,8 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
     # NOTE: I assume that only queries that get data from a table
     # can return multiple entries
     if fromUser and " FROM " in expression.upper() and ((Backend.getIdentifiedDbms() \
-      not in FROM_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE and not \
-      expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
+      not in FROM_DUMMY_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE and not \
+      expression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]))) \
       and not re.search(SQL_SCALAR_REGEX, expression, re.I):
 
         limitRegExp = re.search(queries[Backend.getIdentifiedDbms()].limitregexp.query, expression, re.I)
@@ -215,7 +215,7 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
                     stopLimit += startLimit
 
             if not stopLimit or stopLimit <= 1:
-                if Backend.getIdentifiedDbms() in FROM_TABLE and expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
+                if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
                     test = False
                 else:
                     test = True
@@ -318,8 +318,8 @@ def __goInferenceProxy(expression, fromUser=False, expected=None, batch=False, r
 
                 return outputs
 
-    elif Backend.getIdentifiedDbms() in FROM_TABLE and expression.upper().startswith("SELECT ") and " FROM " not in expression.upper():
-        expression += FROM_TABLE[Backend.getIdentifiedDbms()]
+    elif Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and expression.upper().startswith("SELECT ") and " FROM " not in expression.upper():
+        expression += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
 
     outputs = __goInferenceFields(expression, expressionFields, expressionFieldsList, payload, expected, resumeValue=resumeValue, charsetType=charsetType, firstChar=firstChar, lastChar=lastChar, dump=dump)
     returnValue = ", ".join(output for output in outputs)
diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
@@ -35,7 +35,7 @@
 from lib.core.enums import EXPECTED
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapConnectionException
-from lib.core.settings import FROM_TABLE
+from lib.core.settings import FROM_DUMMY_TABLE
 from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
 from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
 from lib.core.settings import SLOW_ORDER_COUNT_THRESHOLD
@@ -227,9 +227,9 @@ def errorUse(expression, expected=None, resumeValue=True, dump=False):
     # NOTE: I assume that only queries that get data from a table can
     # return multiple entries
     if (dump and (conf.limitStart or conf.limitStop)) or (" FROM " in \
-       expression.upper() and ((Backend.getIdentifiedDbms() not in FROM_TABLE) \
-       or (Backend.getIdentifiedDbms() in FROM_TABLE and not \
-       expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
+       expression.upper() and ((Backend.getIdentifiedDbms() not in FROM_DUMMY_TABLE) \
+       or (Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and not \
+       expression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]))) \
        and ("(CASE" not in expression.upper() or ("(CASE" in expression.upper() and "WHEN use" in expression))) \
        and not re.search(SQL_SCALAR_REGEX, expression, re.I):
 
diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py
@@ -35,7 +35,7 @@
 from lib.core.data import queries
 from lib.core.enums import DBMS
 from lib.core.enums import PAYLOAD
-from lib.core.settings import FROM_TABLE
+from lib.core.settings import FROM_DUMMY_TABLE
 from lib.core.settings import UNION_MIN_RESPONSE_CHARS
 from lib.core.settings import UNION_STDEV_COEFF
 from lib.core.settings import MIN_RATIO
@@ -257,14 +257,14 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix
         count = __findUnionCharCount(comment, place, parameter, value, prefix, suffix, PAYLOAD.WHERE.ORIGINAL if isNullValue(kb.uChar) else PAYLOAD.WHERE.NEGATIVE)
 
     if count:
-        if Backend.getIdentifiedDbms() in FROM_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
-            query = query[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])]
+        if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE and query.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
+            query = query[:-len(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()])]
 
         if count:
             query += ", %s" % kb.uChar
 
-        if Backend.getIdentifiedDbms() in FROM_TABLE:
-            query += FROM_TABLE[Backend.getIdentifiedDbms()]
+        if Backend.getIdentifiedDbms() in FROM_DUMMY_TABLE:
+            query += FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]
 
         validPayload, vector = __unionConfirm(comment, place, parameter, prefix, suffix, count)
 
diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py
@@ -36,7 +36,7 @@
 from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapConnectionException
 from lib.core.exception import sqlmapSyntaxException
-from lib.core.settings import FROM_TABLE
+from lib.core.settings import FROM_DUMMY_TABLE
 from lib.core.settings import SQL_SCALAR_REGEX
 from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
 from lib.core.threads import getCurrentThreadData
@@ -165,8 +165,8 @@ def unionUse(expression, unpack=True, dump=False):
     if (kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == PAYLOAD.WHERE.NEGATIVE or \
        (dump and (conf.limitStart or conf.limitStop))) and \
        " FROM " in expression.upper() and ((Backend.getIdentifiedDbms() \
-       not in FROM_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE \
-       and not expression.upper().endswith(FROM_TABLE[Backend.getIdentifiedDbms()]))) \
+       not in FROM_DUMMY_TABLE) or (Backend.getIdentifiedDbms() in FROM_TABLE \
+       and not expression.upper().endswith(FROM_DUMMY_TABLE[Backend.getIdentifiedDbms()]))) \
        and not re.search(SQL_SCALAR_REGEX, expression, re.I):
 
         limitRegExp = re.search(queries[Backend.getIdentifiedDbms()].limitregexp.query, expression, re.I)
