Simplify query

edvraa · edvraa · commit 7cbbd6cc895f · 2021-03-31T15:35:54.000+03:00
diff --git a/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql b/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql
@@ -21,7 +21,7 @@ where
     SafeConstructorTrackingConfig constructorTracking
   |
     constructorTracking.hasFlowPath(constructor, usage) and
-    usage.getNode().asExpr().getParent() = sink.asExpr().getParent()
+    usage.getNode().asExpr().getParent() = deserializeCall
   )
   or
   exists(ConstructorOrStaticMethodSink sink2 | deserializeCall.getAnArgument() = sink2.asExpr())

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@ where`
`21`	`21`	`SafeConstructorTrackingConfig constructorTracking`
`22`	`22`	`\|`
`23`	`23`	`constructorTracking.hasFlowPath(constructor, usage) and`
`24`		`- usage.getNode().asExpr().getParent() = sink.asExpr().getParent()`
	`24`	`+ usage.getNode().asExpr().getParent() = deserializeCall`
`25`	`25`	`)`
`26`	`26`	`or`
`27`	`27`	`exists(ConstructorOrStaticMethodSink sink2 \| deserializeCall.getAnArgument() = sink2.asExpr())`