These queries provide a list of objects calling another object or being called by another objects. This output can be useful in metrics such as fan-in (calling objects) or fan-out (called objects).
In other words, if routine A calls routine B then routine A is the caller and routine B is the callee. i.e. the caller is the routine which is calling the callee.
Routine A is the calling object and routine B is the called object.
Release | Yes/No |
|---|---|
| 8.3.x |  |
| 8.2.x | |
RDBMS | Yes/No |
|---|---|
| Oracle Server |  |
| Microsoft SQL Server | |
| CSS | |
Calling Objects
For the query below, please provide a search string for the calling object(s) (CALLING_OBJECT in the query below):
SELECT *
FROM OBJFULNAM
WHERE IDOBJ IN
( SELECT IDCLR
FROM ACC
WHERE IDCLE IN
(SELECT IDOBJ
FROM OBJFULNAM
WHERE fullname LIKE '%CALLING_OBJECT%'
)
);
3230;"org.owasp.webgoat.lessons.WsSqlInjection.getDefaultCategory"
3491;"org.owasp.webgoat.lessons.SoapRequest.getDefaultCategory"
3266;"org.owasp.webgoat.lessons.WsSAXInjection.getDefaultCategory"
4014;"org.owasp.webgoat.lessons.Category.{(90:2)}"
3328;"org.owasp.webgoat.lessons.WSDLScanning.getDefaultCategory"
Called Objects
For the query below, please provide a search string for the called object(s) (CALLED_OBJECT in the query below):
SELECT *
FROM OBJFULNAM
WHERE IDOBJ IN
( SELECT IDCLE
FROM ACC
WHERE IDCLR IN
(SELECT IDOBJ
FROM OBJFULNAM
WHERE fullname LIKE '%CALLED_OBJECT%'
)
);
4474;"org.owasp.webgoat.lessons.Category.ERROR_HANDLING"
4472;"org.owasp.webgoat.lessons.Category.INSECURE_COMMUNICATION"
3307;"org.owasp.webgoat.lessons.WeakAuthenticationCookie.getDefaultCategory"
4491;"org.owasp.webgoat.lessons.CSRF.getDefaultCategory"
Enter the SQL query
Enter the SQL query
