
Commit 7718eda

committed
Fix for an Issue #570
1 parent 02de2ae commit 7718eda

2 files changed

Lines changed: 16 additions & 12 deletions


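--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -99,6 +99,9 @@
 # Maximum number of techniques used in inject.py/getValue() per one value
 MAX_TECHNIQUES_PER_VALUE = 2
 
+# In case of missing piece of partial union dump, buffered array must be flushed after certain size
+MAX_BUFFERED_PARTIAL_UNION_LENGTH = 1024
+
 # Suffix used for naming meta databases in DBMS(es) without explicit database name
 METADB_SUFFIX = "_masterdb"
 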
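Review bot: The comment on `MAX_BUFFERED_PARTIAL_UNION_LENGTH` says neither what the size counts nor what a flush costs. In lib/techniques/union/use.py the value is compared with `len(threadData.shared.buffered)`, so it is a count of buffered result entries, and exceeding it lets the dump continue past the entry that never arrived. Suggested wording: `# Maximum number of out-of-order entries kept in the partial union buffer; above it the buffer is flushed even though an earlier entry is still missing`.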

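--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@@ -44,6 +44,7 @@
 from lib.core.enums import DBMS
 from lib.core.enums import PAYLOAD
 from lib.core.exception import SqlmapSyntaxException
+from lib.core.settings import MAX_BUFFERED_PARTIAL_UNION_LENGTH
 from lib.core.settings import SQL_SCALAR_REGEX
 from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
 from lib.core.threads import getCurrentThreadData
@@ -272,10 +273,10 @@ def unionThread():
 break
 
 if output:
-if all(map(lambda _: _ in output, (kb.chars.start, kb.chars.stop))):
-items = parseUnionPage(output)
+with kb.locks.value:
+if all(map(lambda _: _ in output, (kb.chars.start, kb.chars.stop))):
+items = parseUnionPage(output)
 
-with kb.locks.value:
 if threadData.shared.showEta:
 threadData.shared.progress.progress(time.time() - valueStart, threadData.shared.counter)
 # in case that we requested N columns and we get M!=N then we have to filter a bit
@@ -286,22 +287,22 @@ def unionThread():
 if threadData.shared.buffered[index][0] >= num:
 break
 threadData.shared.buffered.insert(index or 0, (num, items))
-while threadData.shared.buffered and threadData.shared.lastFlushed + 1 == threadData.shared.buffered[0][0]:
-threadData.shared.lastFlushed += 1
-_ = threadData.shared.buffered[0][1]
-if not isNoneValue(_):
-threadData.shared.value.extend(arrayizeValue(_))
-del threadData.shared.buffered[0]
-else:
-with kb.locks.value:
+else:
 index = None
 if threadData.shared.showEta:
 threadData.shared.progress.progress(time.time() - valueStart, threadData.shared.counter)
 for index in xrange(len(threadData.shared.buffered)):
 if threadData.shared.buffered[index][0] >= num:
 break
 threadData.shared.buffered.insert(index or 0, (num, None))
-items = output.replace(kb.chars.start, "").replace(kb.chars.stop, "").split(kb.chars.delimiter)
+
+items = output.replace(kb.chars.start, "").replace(kb.chars.stop, "").split(kb.chars.delimiter)
+
+while threadData.shared.buffered and (threadData.shared.lastFlushed + 1 >= threadData.shared.buffered[0][0] or len(threadData.shared.buffered) > MAX_BUFFERED_PARTIAL_UNION_LENGTH):
+threadData.shared.lastFlushed, _ = threadData.shared.buffered[0]
+if not isNoneValue(_):
+threadData.shared.value.extend(arrayizeValue(_))
+del threadData.shared.buffered[0]
 
 if conf.verbose == 1 and not (threadData.resumed and kb.suppressResumeInfo) and not threadData.shared.showEta:
 status = "[%s] [INFO] %s: %s" % (time.strftime("%X"), "resumed" if threadData.resumed else "retrieved", safecharencode(",".join("\"%s\"" % _ for _ in flattenValue(arrayizeValue(items)))))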
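Review bot: In the flush loop added at new lines 301-305, `threadData.shared.lastFlushed, _ = threadData.shared.buffered[0]` can move `lastFlushed` backwards. Once the `len(threadData.shared.buffered) > MAX_BUFFERED_PARTIAL_UNION_LENGTH` branch has flushed past a gap, a late result for the skipped `num` is inserted at the head, passes `lastFlushed + 1 >= buffered[0][0]`, and resets the counter to its lower number; in-order flushing then stalls until the buffer overflows again, and that row is appended after later ones. Keeping the counter monotonic avoids this: unpack into a local with `flushedNum, _ = threadData.shared.buffered[0]` and then assign `threadData.shared.lastFlushed = max(threadData.shared.lastFlushed, flushedNum)`. A warning when the size branch fires would also tell the user that the dump has a hole. Indentation is lost on this page and `unionThread()` starts and ends outside the hunks, so the placement of the loop under `with kb.locks.value:` is inferred and should be confirmed.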
