From b2cb585bf231f75f59506a5ce9a3f190da3587ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 24 Jun 2025 15:36:43 +0200
Subject: [PATCH] UnsafeDeserialization: add missing `getASelectedSinkLocation`
 override

This fixes the failing diff-informed consistency check.
---
 .../semmle/code/java/security/UnsafeDeserializationQuery.qll  | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
index b16770c222b..e10c6cebaf6 100644
--- a/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
@@ -323,6 +323,10 @@ private module UnsafeDeserializationConfig implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node node) { isUnsafeDeserializationSanitizer(node) }
 
   predicate observeDiffInformedIncrementalMode() { any() }
+
+  Location getASelectedSinkLocation(DataFlow::Node sink) {
+    result = sink.(UnsafeDeserializationSink).getMethodCall().getLocation()
+  }
 }
 
 module UnsafeDeserializationFlow = TaintTracking::Global<UnsafeDeserializationConfig>;