Ruby: Reduce alerts produced by MassAssignment.ql
@@ -43,6 +43,11 @@ private module Config implements DataFlow::StateConfigSig {
|
||||
state instanceof FlowState::Permitted
|
||||
}
|
||||
|
||||
predicate isBarrierIn(DataFlow::Node node, FlowState state) {
|
||||
node instanceof MassAssignment::Source and
|
||||
state instanceof FlowState::Unpermitted
|
||||
}
|
||||
|
||||
predicate isBarrier(DataFlow::Node node) { node instanceof MassAssignment::Sanitizer }
|
||||
|
||||
predicate isAdditionalFlowStep(
|
||||
|
||||
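Review bot: The new `isBarrierIn` predicate has no comment saying why flow is cut at `MassAssignment::Source` nodes, or why only in the `FlowState::Unpermitted` state. Going by the commit title this is presumably meant to drop paths that merely pass through a second source, so I would add above it something like `// Stop Unpermitted flow from entering another source, so each sink is reported from its nearest source only.` An in-barrier should remove duplicate paths rather than sinks, so it is worth confirming against the query's expected-results file (not visible here) that every sink flagged before is still flagged from at least one source. The enclosing `Config` module starts before this hunk and `isAdditionalFlowStep` continues past it.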