Update for an Issue #352

2025-12-07 21:21:33 +00:00 · 2013-03-11 14:58:05 +01:00
parent d6fc10092f
commit db0a1e58b9
11 changed files with 138 additions and 8 deletions
--- a/plugins/dbms/db2/syntax.py
+++ b/plugins/dbms/db2/syntax.py
@@ -13,6 +13,11 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104) FROM foobar'
+        """
+
        def escaper(value):
            return "||".join("CHR(%d)" % ord(_) for _ in value)

--- a/plugins/dbms/firebird/syntax.py
+++ b/plugins/dbms/firebird/syntax.py
@@ -5,6 +5,7 @@ Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """

+from lib.core.common import Backend
 from lib.core.common import isDBMSVersionAtLeast
 from plugins.generic.syntax import Syntax as GenericSyntax

@@ -14,6 +15,17 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Backend.setVersion('2.0')
+        ['2.0']
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        "SELECT 'abcdefgh' FROM foobar"
+        >>> Backend.setVersion('2.1')
+        ['2.1']
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT ASCII_CHAR(97)||ASCII_CHAR(98)||ASCII_CHAR(99)||ASCII_CHAR(100)||ASCII_CHAR(101)||ASCII_CHAR(102)||ASCII_CHAR(103)||ASCII_CHAR(104) FROM foobar'
+        """
+
        def escaper(value):
            return "||".join("ASCII_CHAR(%d)" % ord(_) for _ in value)

--- a/plugins/dbms/maxdb/syntax.py
+++ b/plugins/dbms/maxdb/syntax.py
@@ -13,4 +13,9 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        "SELECT 'abcdefgh' FROM foobar"
+        """
+
        return expression
--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@@ -13,6 +13,11 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+CHAR(101)+CHAR(102)+CHAR(103)+CHAR(104) FROM foobar'
+        """
+
        def escaper(value):
            return "+".join("%s(%d)" % ("CHAR" if ord(value[i]) < 256 else "NCHAR", ord(value[i])) for i in xrange(len(value)))

--- a/plugins/dbms/mysql/syntax.py
+++ b/plugins/dbms/mysql/syntax.py
@@ -16,6 +16,11 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT 0x6162636465666768 FROM foobar'
+        """
+
        def escaper(value):
            retVal = None
            try:
--- a/plugins/dbms/oracle/syntax.py
+++ b/plugins/dbms/oracle/syntax.py
@@ -13,6 +13,11 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104) FROM foobar'
+        """
+
        def escaper(value):
            return "||".join("%s(%d)" % ("CHR" if ord(value[i]) < 256 else "NCHR", ord(value[i])) for i in xrange(len(value)))

--- a/plugins/dbms/postgresql/syntax.py
+++ b/plugins/dbms/postgresql/syntax.py
@@ -16,6 +16,9 @@ class Syntax(GenericSyntax):
        """
        Note: PostgreSQL has a general problem with concenation operator (||) precedence (hence the parentheses enclosing)
              e.g. SELECT 1 WHERE 'a'!='a'||'b' will trigger error ("argument of WHERE must be type boolean, not type text")
+
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT (CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104)) FROM foobar'
        """

        def escaper(value):
--- a/plugins/dbms/sqlite/syntax.py
+++ b/plugins/dbms/sqlite/syntax.py
@@ -7,6 +7,7 @@ See the file 'doc/COPYING' for copying permission

 import binascii

+from lib.core.common import Backend
 from lib.core.common import isDBMSVersionAtLeast
 from lib.core.settings import UNICODE_ENCODING
 from plugins.generic.syntax import Syntax as GenericSyntax
@@ -17,6 +18,17 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Backend.setVersion('2')
+        ['2']
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        "SELECT 'abcdefgh' FROM foobar"
+        >>> Backend.setVersion('3')
+        ['3']
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        "SELECT CAST(X'6162636465666768' AS TEXT) FROM foobar"
+        """
+
        def escaper(value):
            # Reference: http://stackoverflow.com/questions/3444335/how-do-i-quote-a-utf-8-string-literal-in-sqlite3
            return "CAST(X'%s' AS TEXT)" % binascii.hexlify(value.encode(UNICODE_ENCODING) if isinstance(value, unicode) else value)
--- a/plugins/dbms/sybase/syntax.py
+++ b/plugins/dbms/sybase/syntax.py
@@ -13,6 +13,11 @@ class Syntax(GenericSyntax):

    @staticmethod
    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT CHAR(97)+CHAR(98)+CHAR(99)+CHAR(100)+CHAR(101)+CHAR(102)+CHAR(103)+CHAR(104) FROM foobar'
+        """
+
        def escaper(value):
            return "+".join("%s(%d)" % ("CHAR" if ord(value[i]) < 256 else "TO_UNICHAR", ord(value[i])) for i in xrange(len(value)))