From d89aa0f19daf60e06a8c44c8ba7243c900831e7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Wed, 15 Oct 2025 14:03:40 +0200
Subject: [PATCH] C++/CleartextBufferWrite

---
 cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql b/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql
index c671ad5af7f..c03c433a532 100644
--- a/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql
+++ b/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql
@@ -51,7 +51,9 @@ module ToBufferConfig implements DataFlow::ConfigSig {
   predicate observeDiffInformedIncrementalMode() { any() }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
-    exists(SensitiveBufferWrite w | result = w.getLocation() | isSinkImpl(sink, w))
+    exists(SensitiveBufferWrite w | result = [w.getLocation(), sink.getLocation()] |
+      isSinkImpl(sink, w)
+    )
   }
 }