Merge pull request #8702 from jketema/command-line-sanitizer

C++: Use `isSanitizerOut(DataFlow::Node node)` in `cpp/command-line-injection`
2026-05-03 04:39:29 +02:00 · 2022-04-08 23:42:35 +02:00
parent 3d41a5cae3 83d35a9a96
commit 4cfe04567f
1 changed files with 2 additions and 2 deletions
--- a/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
+++ b/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
@@ -116,8 +116,8 @@ class ExecTaintConfiguration extends TaintTracking::Configuration {
    state instanceof ConcatState
  }

-  override predicate isSanitizerOut(DataFlow::Node node, DataFlow::FlowState state) {
-    isSink(node, state) // Prevent duplicates along a call chain, since `shellCommand` will include wrappers
+  override predicate isSanitizerOut(DataFlow::Node node) {
+    isSink(node, _) // Prevent duplicates along a call chain, since `shellCommand` will include wrappers
  }
 }