From 578355ac27965e3a730e75d2813b5320a8591d5c Mon Sep 17 00:00:00 2001
From: Asger F <asgerf@github.com>
Date: Tue, 11 Nov 2025 14:47:09 +0100
Subject: [PATCH] JS: Fix bad join in CallGraphs.qll

---
 .../javascript/dataflow/internal/CallGraphs.qll       | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll
index cc4c883381e..67f4e55a5bb 100644
--- a/javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll
+++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll
@@ -97,9 +97,14 @@ module CallGraph {
       not exists(read.getPropertyName()) and
       result = read and
       // there exists only local reads of the object, nothing else.
-      forex(DataFlow::Node ref | ref = obj.getALocalUse() and exists(ref.asExpr()) |
-        ref = [obj, any(DataFlow::PropRead r).getBase()]
-      )
+      objectOnlyUsedForPropRead(obj)
+    )
+  }
+
+  pragma[nomagic]
+  private predicate objectOnlyUsedForPropRead(DataFlow::ObjectLiteralNode obj) {
+    forex(DataFlow::Node ref | ref = obj.getALocalUse() and exists(ref.asExpr()) |
+      ref = [obj, any(DataFlow::PropRead r).getBase()]
     )
   }