robojerk/codeql-action

Only flag up the deepest properties

Browse source
This commit is contained in:
Henry Mercer 2023-05-30 19:50:56 +01:00
parent eb1c7a3887
commit 86ead5e019
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
queries/default-setup-event-context.ql
View file

@ -25,7 +25,9 @@ class EventContextAccessConfiguration extends DataFlow::Configuration {
} }
override predicate isSink(DataFlow::Node sink, DataFlow::FlowLabel lbl) { override predicate isSink(DataFlow::Node sink, DataFlow::FlowLabel lbl) {
sink instanceof DataFlow::PropRead and lbl instanceof ParsedLabel sink instanceof DataFlow::PropRead and
lbl instanceof ParsedLabel and
not exists(DataFlow::PropRead n | sink = n.getBase())
} }
override predicate isAdditionalFlowStep( override predicate isAdditionalFlowStep(