diff --git a/ql/src/experimental/CWE-327/InsecureTLS.ql b/ql/src/experimental/CWE-327/InsecureTLS.ql
index 1a8094809f4..10181390c55 100644
--- a/ql/src/experimental/CWE-327/InsecureTLS.ql
+++ b/ql/src/experimental/CWE-327/InsecureTLS.ql
@@ -239,8 +239,8 @@ where
   // Exclude sources or sinks that occur lexically within a block related to a feature or legacy flag
   not astNodeIsFlag([source, sink].getNode().asExpr().getParent*(), [featureFlag(), legacyFlag()]) and
   // Exclude results in functions whose name documents insecurity
-  not exists(FuncDef fn | fn = sink.getNode().asInstruction().getRoot() |
-    isFeatureFlagName(fn.getEnclosingFunction*().getName()) or
-    isLegacyFlagName(fn.getEnclosingFunction*().getName())
+  not exists(FuncDef fn | fn = sink.getNode().getRoot().getEnclosingFunction*() |
+    isFeatureFlagName(fn.getName()) or
+    isLegacyFlagName(fn.getName())
   )
 select sink.getNode(), source, sink, message