Ruby: Reduce alerts produced by MassAssignment.ql

Author: hvitved

ruby/ql/lib/codeql/ruby/security/MassAssignmentQuery.qll

@@ -43,6 +43,11 @@ private module Config implements DataFlow::StateConfigSig {
     state instanceof FlowState::Permitted
   }
 
+  predicate isBarrierIn(DataFlow::Node node, FlowState state) {
+    node instanceof MassAssignment::Source and
+    state instanceof FlowState::Unpermitted
+  }
+
   predicate isBarrier(DataFlow::Node node) { node instanceof MassAssignment::Sanitizer }
 
   predicate isAdditionalFlowStep(