From 0c57f2af0f20c75fd1c1e236b4e5507375c1b253 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sun, 20 Feb 2011 12:20:44 +0000 Subject: [PATCH] minor fix --- lib/request/inject.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/request/inject.py b/lib/request/inject.py index 2177bfb31..966de3b9c 100644 --- a/lib/request/inject.py +++ b/lib/request/inject.py @@ -386,7 +386,7 @@ def __goInband(expression, expected=None, sort=True, resumeValue=True, unpack=Tr return data -def getValue(expression, blind=True, inband=True, error=True, time=True, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=False, expectingNone=False): +def getValue(expression, blind=True, inband=True, error=True, time=True, fromUser=False, expected=None, batch=False, unpack=True, sort=True, resumeValue=True, charsetType=None, firstChar=None, lastChar=None, dump=False, suppressOutput=None, expectingNone=False): """ Called each time sqlmap inject a SQL query on the SQL injection affected parameter. It can call a function to retrieve the output @@ -394,7 +394,9 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse (if selected). """ - getCurrentThreadData().disableStdOut = suppressOutput + if suppressOutput is not None: + pushValue(getCurrentThreadData().disableStdOut) + getCurrentThreadData().disableStdOut = suppressOutput try: if conf.direct: @@ -471,7 +473,8 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse raise sqlmapNotVulnerableException, errMsg finally: - getCurrentThreadData().disableStdOut = False + if suppressOutput is not None: + getCurrentThreadData().disableStdOut = popValue() if value and expected == EXPECTED.BOOL: if isinstance(value, basestring):