From 6d108c0fa74df8d5417890aabb78092d4457d160 Mon Sep 17 00:00:00 2001
From: Chris Smowton
Date: Tue, 16 Mar 2021 09:00:35 +0000
Subject: [PATCH] Improve docstring for `composedValueAndTaintModelStep`

Co-authored-by: Anders Schack-Mulligen
---
 .../code/java/dataflow/internal/TaintTrackingUtil.qll | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
index 212a22af4d9..e4928ae32a4 100644
--- a/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
+++ b/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
@@ -64,9 +64,9 @@ private predicate localAdditionalBasicTaintStep(DataFlow::Node src, DataFlow::No
 }
 
 /**
- * Holds if an additional step from `src` to `sink` can be inferred from a value-preserving step
- * across a method callsite (from input to input, or input to result) and a taint-preserving step
- * across the same callsite from a different input. For example, if we know that `f(a, b)` returns
+ * Holds if an additional step from `src` to `sink` through a call can be inferred from the
+ * combination of a value-preserving step providing an alias between an input and the output
+ * and a taint step from `src` to one the aliased nodes. For example, if we know that `f(a, b)` returns
  * the exact value of `a` and also propagates taint from `b` to its result, then we also know that
  * `a` is tainted after `f` completes, and vice versa.
  */
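Review bot: The third added docstring line reads `to one the aliased nodes`, which is missing a word and should read `to one of the aliased nodes`. The second added line also narrows the description to an alias "between an input and the output", where the removed text covered value-preserving steps "from input to input, or input to result". If the predicate still handles the input-to-input case, the docstring should say so, for example `an alias between an input and the output (or another input)`, so that query authors do not underestimate which nodes this step can taint. The predicate body lies outside the hunk, so which cases it covers cannot be confirmed from here.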