Update ruby/ql/lib/codeql/ruby/frameworks/rack/internal/App.qll

Co-authored-by: Asger F <asgerf@github.com>
2026-04-24 00:05:14 +02:00 · 2023-07-17 14:08:44 +01:00
parent 08784d24b4
commit 06aefe01b8
1 changed files with 4 additions and 6 deletions
--- a/ruby/ql/lib/codeql/ruby/frameworks/rack/internal/App.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/rack/internal/App.qll
@@ -91,12 +91,10 @@ module App {
  /** A read of the query string via `env['QUERY_STRING']`. */
  private class EnvQueryStringRead extends Http::Server::RequestInputAccess::Range {
    EnvQueryStringRead() {
-      exists(RequestHandler handler, DataFlow::ParameterNode env, ConstantValue key |
-        handler.getEnv() = env
-      |
-        this = env.getAnElementRead(key) and
-        key.isStringlikeValue("QUERY_STRING")
-      )
+      this =
+        any(RequestHandler h)
+            .getEnv()
+            .getAnElementRead(ConstantValue::fromStringlikeValue("QUERY_STRING"))
    }

    override string getSourceType() { result = "Rack env" }