mirror of
https://github.com/github/codeql.git
synced 2025-12-18 01:33:15 +01:00
Python : Improve the PAM authentication bypass query
The current PAM auth bypass query which was contributed by me a few months back, alert on a vulenrable function but does not check if the function is actually function. This leads to a lot of fasle positives. With this PR, I add a taint-tracking configuration to check if the username parameter can actually be supplied by an attacker. This should bring the FP's significantly down.
This commit is contained in:
Porcupiney Hairs
committed by
porcupineyhairs
porcupineyhairs
parent
a964325724
commit
db231a111c
4
python/ql/lib/change-notes/2022-11-17-py-pam-improve.md
Normal file
4
python/ql/lib/change-notes/2022-11-17-py-pam-improve.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Converted `py/pam-auth-bypass` to a data-flow query, resulting in significantly lower false positives.
|
||||
Reference in New Issue
Block a user