hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Adjust alert text of py/pam-auth-bypass

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2022-11-28 16:14:38 +01:00
parent f8442ccb0e
commit 4e67ec19d0
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
python/ql/src/Security/CWE-285/PamAuthorization.ql
View File

@@ -18,4 +18,5 @@ import semmle.python.security.dataflow.PamAuthorizationQuery
from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink,
"This PAM authentication call may lead to an authorization bypass, since `pam_acct_mgmt` is not called afterwards."
"This PAM authentication depends on a $@, and `pam_acct_mgmt` is not called afterwards.",
source.getNode(), "user-provided value"