Allow implicit read steps on sinks

Author: joefarebrother

ruby/ql/lib/codeql/ruby/security/CleartextLoggingQuery.qll

@@ -44,6 +44,11 @@ private module Config implements DataFlow::ConfigSig {
   predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
     CL::isAdditionalTaintStep(nodeFrom, nodeTo)
   }
+
+  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {
+    exists(cs) and
+    isSink(node)
+  }
 }
 
 /**

ruby/ql/lib/codeql/ruby/security/CleartextStorageQuery.qll

@@ -43,6 +43,11 @@ private module Config implements DataFlow::ConfigSig {
   predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
     CS::isAdditionalTaintStep(nodeFrom, nodeTo)
   }
+
+  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {
+    exists(cs) and
+    isSink(node)
+  }
 }
 
 /**