Merge pull request github#12837 from geoffw0/flowsources

geoffw0 · web-flow · commit b1712d33fe8c · 2023-04-25T14:03:58.000+01:00
Swift: widen swift/predicate-injection sources
diff --git a/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll b/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll
@@ -6,7 +6,6 @@
 import swift
 import codeql.swift.dataflow.DataFlow
 import codeql.swift.dataflow.TaintTracking
-import codeql.swift.dataflow.FlowSources
 import codeql.swift.security.InsecureTLSExtensions
 
 /**
diff --git a/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll
@@ -13,7 +13,7 @@ private import codeql.swift.security.PredicateInjectionExtensions
  * A taint-tracking configuration for predicate injection vulnerabilities.
  */
 module PredicateInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof FlowSource }
 
   predicate isSink(DataFlow::Node sink) { sink instanceof PredicateInjectionSink }
 
