From 67b6f215dc0b315a5d5ee6021943dc6ecc98664e Mon Sep 17 00:00:00 2001
From: yoff
Date: Tue, 28 Jun 2022 08:05:53 +0200
Subject: [PATCH] Apply suggestions from code review
Co-authored-by: Rasmus Wriedt Larsen
---
 .../python/security/dataflow/TarSlipCustomizations.qll | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll
index 8795bd31c27..db062a23088 100644
--- a/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll
@@ -112,8 +112,9 @@ module TarSlip {
 /**
 * A sanitizer guard heuristic.
 *
- * For a "check-like function-name" (matching `"%path"`), `checkPath`,
- * and a call `checkPath(info.name)`, the variable `info` is considered checked.
+ * The test `if (info.name)` should clear taint for `info`,
+ * where `` is any function matching `"%path"`.
+ * `info` is assumed to be a `TarInfo` instance.
 */
 class TarFileInfoSanitizer extends SanitizerGuard {
 ControlFlowNode tarInfo;
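Review bot: The new comment on `TarFileInfoSanitizer` does not say that the guard is purely name-based, which matters to anyone triaging results. As described, any function whose name matches `"%path"` clears taint for `info` when called on `info.name`, whether or not it validates the member name, so a non-validating helper with such a name would hide a real tar-slip finding. I would add a line such as `* NOTE: only the callee name is matched; the callee's body is not inspected, so this guard can cause false negatives.` The comment should also state which outcome of the test clears the taint, since "should clear taint" leaves the branch open. The class body continues past the end of the hunk, so whether the `TarInfo` assumption is enforced or only documented cannot be confirmed from here.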