hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reduce scope of allowImplicitRead to avoid cartesian product.

Browse Source
This commit is contained in:
Joe Farebrother
2025-04-02 09:33:30 +01:00
parent 2d6476ad21
commit c37809a187
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql
View File

@@ -62,7 +62,12 @@ module EscapingCaptureFlowConfig implements DataFlow::ConfigSig {
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {
isSink(node) and
exists(cs)
(
cs instanceof DataFlow::TupleElementContent or
cs instanceof DataFlow::ListElementContent or
cs instanceof DataFlow::SetElementContent or
cs instanceof DataFlow::DictionaryElementAnyContent
)
}
}