From 6519bd990911f4b2af64bb78b1c2d22b698f5061 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 14 Oct 2025 14:15:08 +0200
Subject: [PATCH] Ruby/PolynomialReDoSQuery

ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql
---
 .../ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll b/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll
index 81179717e01..7ff62771462 100644
--- a/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSQuery.qll
@@ -24,6 +24,8 @@ private module PolynomialReDoSConfig implements DataFlow::ConfigSig {
   predicate observeDiffInformedIncrementalMode() { none() }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
+    result = sink.(Sink).getLocation()
+    or
     result = sink.(Sink).getHighlight().getLocation()
     or
     result = sink.(Sink).getRegExp().getRootTerm().getLocation()