From bdcf4198e60b9957f0da04a204d13fa028e362e1 Mon Sep 17 00:00:00 2001
From: "lcartey@github.com" <lcartey@github.com>
Date: Tue, 30 Jun 2020 11:01:17 +0100
Subject: [PATCH] Add additional Hibernate SQL sinks

---
 java/ql/src/semmle/code/java/frameworks/Hibernate.qll | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/java/ql/src/semmle/code/java/frameworks/Hibernate.qll b/java/ql/src/semmle/code/java/frameworks/Hibernate.qll
index fdc237aac8a..1366b3cac45 100644
--- a/java/ql/src/semmle/code/java/frameworks/Hibernate.qll
+++ b/java/ql/src/semmle/code/java/frameworks/Hibernate.qll
@@ -10,11 +10,11 @@ class HibernateSession extends RefType {
 }
 
 /**
- * Holds if `m` is a method on `HibernateSession` taking an SQL string as its
- * first argument.
+ * Holds if `m` is a method on `HibernateSession`, or a subclass, taking an SQL
+ * string as its first argument.
  */
 predicate hibernateSqlMethod(Method m) {
-  m.getDeclaringType() instanceof HibernateSession and
+  m.getDeclaringType().getASourceSupertype*() instanceof HibernateSession and
   m.getParameterType(0) instanceof TypeString and
   (
     m.hasName("createQuery") or