From bdfd46111fb7823a61113045af6bda60031748bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= <pwntester@github.com>
Date: Mon, 1 Apr 2024 10:51:26 +0200
Subject: [PATCH] Only triggered on non-pull_request events

---
 ql/src/Security/CWE-077/PrivilegedEnvVarInjection.ql | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/ql/src/Security/CWE-077/PrivilegedEnvVarInjection.ql b/ql/src/Security/CWE-077/PrivilegedEnvVarInjection.ql
index bce9494a43f..6508b458629 100644
--- a/ql/src/Security/CWE-077/PrivilegedEnvVarInjection.ql
+++ b/ql/src/Security/CWE-077/PrivilegedEnvVarInjection.ql
@@ -16,11 +16,16 @@ import actions
 import codeql.actions.security.EnvVarInjectionQuery
 import EnvVarInjectionFlow::PathGraph
 
+predicate isSingleTriggerWorkflow(Workflow w, string trigger) {
+  w.getATriggerEvent() = trigger and
+  count(string t | w.getATriggerEvent() = t | t) = 1
+}
+
 from EnvVarInjectionFlow::PathNode source, EnvVarInjectionFlow::PathNode sink, Workflow w
 where
   EnvVarInjectionFlow::flowPath(source, sink) and
   w = source.getNode().asExpr().getEnclosingWorkflow() and
-  w.hasTriggerEvent(source.getNode().(RemoteFlowSource).getATriggerEvent())
+  not isSingleTriggerWorkflow(w, "pull_request")
 select sink.getNode(), source, sink,
   "Potential privileged environment variable injection in $@, which may be controlled by an external user.",
   sink, sink.getNode().asExpr().(Expression).getRawExpression()