Add LocalFlowSource back to UncontrolledFormatString

egregius313 · egregius313 · commit f488f23a48db · 2024-02-29T12:06:59.000-05:00
diff --git a/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql b/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
@@ -17,7 +17,9 @@ import semmle.code.csharp.frameworks.Format
 import FormatString::PathGraph
 
 module FormatStringConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) {
+    source instanceof ThreatModelFlowSource or source instanceof LocalFlowSource
+  }
 
   predicate isSink(DataFlow::Node sink) {
     sink.asExpr() = any(FormatCall call | call.hasInsertions()).getFormatExpr()
