Oracle OWM_ASSERT_PKG
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Undocumented but the SYS.DBMS_ASSERT package, plus the functionality of the ASSERT_WS function give an indication that the intention may be related to preventing SQL Injection.
AUTHID DEFINER
Dependencies
DBMS_ASSERT LTRIC OWM_IEXP_PKG
DUAL LTUTIL OWM_MIG_PKG
LT LT_EXPORT_PKG OWM_MP_PKG
LTADM OWM_BULK_LOAD_PKG OWM_VSCRIPT_PKG
LTDDL OWM_CPKG_PKG UD_TRIGS
LTDTRG OWM_DDL_PKG WM_DDL_UTIL
LTI OWM_DYNSQL_ACCESS  
Documented No
First Available 12.2
Security Model Owned by WMSYS with no privileges granted

Direct access to this package is prevented by means of an Accessible By clause.
Source {ORACLE_HOME}/rdbms/admin/owmasrts.plb
Subprograms
ASSERT ASSERT_WS_NEQ VERIFYCALLSTACK
ASSERT_WS NOOP  
 
ASSERT
Undocumented

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.assert(
var         IN VARCHAR2,
flag        IN NUMBER,
verifyStack IN BOOLEAN)
RETURN VARCHAR2;
SQL> sho user
USER is "WMSYS"

DECLARE
 b BOOLEAN := TRUE;
 retval VARCHAR2(2000);
BEGIN
  retval := wmsys.owm_assert_pkg.assert('Test', -1, b);
  dbms_output.put_line(retval);
END;
/
retval := wmsys.owm_assert_pkg.assert('Test', -1, b);
*
ERROR at line 5:
ORA-06550: line 5, column 13:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 5, column 3:
PL/SQL: Statement ignored
 
ASSERT_WS
Returns the var string enclosed in single quotes whether TRUE or FALSE

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.assert_ws(
var         IN VARCHAR2,
verifyStack IN BOOLEAN)
RETURN VARCHAR2;
DECLARE
 b BOOLEAN := FALSE;
 retval VARCHAR2(2000);
BEGIN
  retval := wmsys.owm_assert_pkg.assert_ws('Test This', b);
  dbms_output.put_line(retval);
END;
/
retval := wmsys.owm_assert_pkg.assert_ws('Test This', b);
*
ERROR at line 5:
ORA-06550: line 5, column 13:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 5, column 3:
PL/SQL: Statement ignored
 
ASSERT_WS_NEQ
Appears to return the test string unchanged whether TRUE or FALSE

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.assert_ws_neq(
var         IN VARCHAR2,
verifyStack IN BOOLEAN)
RETURN VARCHAR2;
DECLARE
 b      BOOLEAN := FALSE;
 retval VARCHAR2(2000);
BEGIN
  retval := wmsys.owm_assert_pkg.assert_ws_neq('Test This', b);
  dbms_output.put_line(retval);
END;
/
retval := wmsys.owm_assert_pkg.assert_ws_neq('Test This', b);
*
ERROR at line 5:
ORA-06550: line 5, column 13:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 5, column 3:
PL/SQL: Statement ignored
 
NOOP
Undocumented

Overload 1

Appears to return the test string unchanged whether TRUE or FALSE

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.noop(
var         IN VARCHAR2,
verifyStack IN BOOLEAN)
RETURN VARCHAR2;
DECLARE
 b      BOOLEAN := FALSE;
 retval VARCHAR2(2000);
BEGIN
  retval := wmsys.owm_assert_pkg.noop('Test This', b);
  dbms_output.put_line(retval);
END;
/
 retval := wmsys.owm_assert_pkg.noop('Test This', b);
*
ERROR at line 5:
ORA-06550: line 5, column 13:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 5, column 3:
PL/SQL: Statement ignored
Overload 2

Appears to return the test string unchanged whether TRUE or FALSE

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.noop(
var         IN CLOB,
verifyStack IN BOOLEAN)
RETURN CLOB;
DECLARE
 b      BOOLEAN := TRUE;
 retval CLOB;
BEGIN
  retval := wmsys.owm_assert_pkg.noop('Test This', b);
  dbms_output.put_line(retval);
END;
/
 retval := wmsys.owm_assert_pkg.noop('Test This', b);
*
ERROR at line 5:
ORA-06550: line 5, column 13:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 5, column 3:
PL/SQL: Statement ignored
 
VERIFYCALLSTACK
Undocumented

In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause		 owm_assert_pkg.verifycallstack;
exec wmsys.owm_assert_pkg.verifycallstack;
BEGIN wmsys.owm_assert_pkg.verifycallstack; END;
*
ERROR at line 1:
ORA-06550: line 1, column 7:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 1, column 7:
PL/SQL: Statement ignored

Related Topics
Built-in Functions
Built-in Packages
Database Security
OWM_BULK_LOAD_PKG
OWM_CPKG_PKG
OWM_DDL_PKG
OWM_DML_PKG
OWM_DYNSQL_ACCESS
OWM_IEXP_PKG
OWM_MIG_PKG
OWM_MP_PKG
OWM_VSCRIPT_PKG
OWM_VT_PKG
What's New In 21c
What's New In 23c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx