Python: Adjust name/description/select of PamAuthorization.ql

Thought that calling out the actual vulnerability would make things easier for our end users :)
2025-12-22 11:46:32 +01:00 · 2022-05-10 18:02:17 +02:00
parent c84f693151
commit 7e87e18b32
2 changed files with 5 additions and 4 deletions
--- a/python/ql/src/experimental/Security/CWE-285/PamAuthorization.ql
+++ b/python/ql/src/experimental/Security/CWE-285/PamAuthorization.ql
@@ -1,6 +1,6 @@
 /**
- * @name Authorization bypass due to incorrect usage of PAM
- * @description Using only the `pam_authenticate` call to check the validity of a login can lead to a authorization bypass.
+ * @name PAM authorization bypass due to incorrect usage
+ * @description Not using `pam_acct_mgmt` after `pam_authenticate` to check the validity of a login can lead to authorization bypass.
 * @kind problem
 * @problem.severity warning
 * @precision high
@@ -33,4 +33,5 @@ where
    acctMgmtCall = libPam().getMember("pam_acct_mgmt").getACall() and
    DataFlow::localFlow(handle, acctMgmtCall.getArg(0))
  )
-select authenticateCall, "This PAM authentication call may be lead to an authorization bypass."
+select authenticateCall,
+  "This PAM authentication call may be lead to an authorization bypass, since 'pam_acct_mgmt' is not called afterwards."
--- a/python/ql/test/experimental/query-tests/Security/CWE-285/PamAuthorization.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-285/PamAuthorization.expected
@@ -1 +1 @@
-| pam_test.py:48:18:48:44 | ControlFlowNode for pam_authenticate() | This PAM authentication call may be lead to an authorization bypass. |
+| pam_test.py:48:18:48:44 | ControlFlowNode for pam_authenticate() | This PAM authentication call may be lead to an authorization bypass, since 'pam_acct_mgmt' is not called afterwards. |