Skip to content

Commit 5f16472

Browse files
d10cd10c
committed
Ruby: MissingFullAnchor
1 parent 2e353c5 commit 5f16472

File tree

1 file changed

+8
-2
lines changed

1 file changed

+8
-2
lines changed

ruby/ql/lib/codeql/ruby/security/regexp/MissingFullAnchorQuery.qll

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,8 +18,14 @@ private module MissingFullAnchorConfig implements DataFlow::ConfigSig {
1818

1919
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
2020

21-
predicate observeDiffInformedIncrementalMode() {
22-
any() // TODO: Make sure that the location overrides match the query's select clause: Column 7 selects sink.getCallNode (/Users/d10c/src/semmle-code/ql/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.ql@20:41:20:62), Column 9 selects sink.getRegex (/Users/d10c/src/semmle-code/ql/ruby/ql/src/queries/security/cwe-020/MissingFullAnchor.ql@20:76:20:94)
21+
predicate observeDiffInformedIncrementalMode() { any() }
22+
23+
Location getASelectedSinkLocation(DataFlow::Node sink) {
24+
result = sink.getLocation()
25+
or
26+
result = sink.(Sink).getCallNode().getLocation()
27+
or
28+
result = sink.(Sink).getRegex().getLocation()
2329
}
2430
}
2531

0 commit comments

Comments
 (0)