remove the isAdditionalTaintStep predicate from UnsafeHtmlConstructionQuery, as it was not needed

2026-04-29 02:35:15 +02:00 · 2023-01-23 15:27:19 +01:00
parent 7c6ee5f293
commit ae00518ddf
1 changed files with 0 additions and 16 deletions
--- a/ruby/ql/lib/codeql/ruby/security/UnsafeHtmlConstructionQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/UnsafeHtmlConstructionQuery.qll
@@ -30,20 +30,4 @@ class Configuration extends TaintTracking::Configuration {
  override DataFlow::FlowFeature getAFeature() {
    result instanceof DataFlow::FeatureHasSourceCallContext
  }
-
-  override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-    // if an array element gets tainted, then we treat the entire array as tainted
-    exists(DataFlow::CallNode call |
-      call.getMethodName() = ["<<", "push", "append"] and
-      call.getReceiver() = succ and
-      pred = call.getArgument(0) and
-      call.getNumberOfArguments() = 1
-    )
-    or
-    exists(DataFlow::CallNode call |
-      call.getMethodName() = "[]" and
-      succ = call and
-      pred = call.getArgument(_)
-    )
-  }
 }