From 45c39e6072efae3f410e727cb72e77641f219201 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Tue, 8 Aug 2023 09:01:23 +0200
Subject: [PATCH] limit field flow when tracking regex strings in Java

---
 java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll b/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll
index f517d6dec64..a2db234bd36 100644
--- a/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll
+++ b/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll
@@ -148,6 +148,8 @@ private module RegexFlowConfig implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node node) {
     node.getEnclosingCallable().getDeclaringType() instanceof NonSecurityTestClass
   }
+
+  int fieldFlowBranchLimit() { result = 1 }
 }
 
 private module RegexFlow = DataFlow::Global<RegexFlowConfig>;