From 94343254e345b3966df6744641fc93a6efae1f2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 14 Oct 2025 13:28:30 +0200
Subject: [PATCH] JS/ShellCommandInjectionFromEnvironmentQuery

javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
---
 .../dataflow/ShellCommandInjectionFromEnvironmentQuery.qll      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentQuery.qll
index 1d396da5b20..34cee84aaae 100644
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentQuery.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironmentQuery.qll
@@ -31,6 +31,8 @@ module ShellCommandInjectionFromEnvironmentConfig implements DataFlow::ConfigSig
   predicate observeDiffInformedIncrementalMode() { any() }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
+    result = sink.getLocation()
+    or
     exists(DataFlow::Node node |
       isSinkWithHighlight(sink, node) and
       result = node.getLocation()