hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
db231a111c3690c6358942a55b78bb5c3669c748
codeql/python
History
Porcupiney Hairs db231a111c Python : Improve the PAM authentication bypass query 
The current PAM auth bypass query which was contributed by me a few months back, alert on a vulenrable function but does not check if the function is actually function. This leads to a lot of fasle positives.

With this PR, I add a taint-tracking configuration to check if the username parameter can actually be supplied by an attacker.

This should bring the FP's significantly down.
2022-11-19 01:29:25 +05:30
..
.vscode
Python: add debug based on location snippet
2022-10-20 21:20:24 +02:00
config/suites/lgtm
Drop: ImportAdditionalLibraries.ql
2019-06-28 15:53:07 +02:00
downgrades
Python: adjust downgrade script location and format
2022-02-02 14:23:21 -08:00
old-change-notes
python: modern change note
2022-01-31 11:27:55 +01:00
PoCs
spelling: retrieval
2022-10-13 11:21:09 -04:00
ql
Python : Improve the PAM authentication bypass query
2022-11-19 01:29:25 +05:30
tools/recorded-call-graph-metrics
qlpacks: libraryPathDependencies -> dependencies
2022-10-28 16:07:36 +01:00