From d8df3ff6b3ca33598e2968b015cd318587fa46b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?=
Date: Fri, 9 Aug 2024 17:05:41 +0200
Subject: [PATCH] Use ControlCheck.dominates in the ImproperAccessControl query

---
 ql/src/Security/CWE-285/ImproperAccessControl.ql | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/ql/src/Security/CWE-285/ImproperAccessControl.ql b/ql/src/Security/CWE-285/ImproperAccessControl.ql
index 3fc94d1aa22..2c7882604b2 100644
--- a/ql/src/Security/CWE-285/ImproperAccessControl.ql
+++ b/ql/src/Security/CWE-285/ImproperAccessControl.ql
@@ -20,11 +20,6 @@ where
 job.getATriggerEvent() = event and
 event.getName() = "pull_request_target" and
 event.getAnActivityType() = "synchronize" and
- job.getAStep() = checkout and
- (
- checkout.getIf() = check
- or
- checkout.getEnclosingJob().getIf() = check
- )
-select checkout, "The checked-out code can be changed after the authorization check o step $@.",
- check, check.toString()
+ check.dominates(checkout)
+select checkout, "The checked-out code can be modified after the authorization check $@.", check,
+ check.toString()
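Review bot: Dropping `job.getAStep() = checkout and` removes the only visible conjunct that tied `checkout` to `job`, so after this hunk `job` is constrained only by the `pull_request_target: synchronize` trigger while `checkout` is constrained only by `check.dominates(checkout)`; unless the `from` clause or `dominates` itself (both outside the hunk) relates the two, the query joins a checkout step from any workflow against any job of any workflow with that trigger. That would report checkouts in workflows that never run on `pull_request_target` and could inflate results of a security query whose point is the TOCTOU window on the PR head. If the intent is to accept checks that dominate from an earlier step or job, keep a scoping constraint such as `checkout.getEnclosingJob().getEnclosingWorkflow() = job.getEnclosingWorkflow() and` (adjust to the library's actual accessor names) alongside `check.dominates(checkout)`. A one-line comment above the new conjunct, `// the check must dominate the checkout (step/job `if`, a failing prior step, or a `needs` dependency) so the PR head cannot change after authorization`, would also document what `dominates` is expected to cover, since the removed conditions spelled that out explicitly; confirm the wording against ControlCheck.dominates's definition. The `where` clause begins before this hunk, so the binding of `job`, `checkout` and `check` cannot be fully confirmed from here.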