From e4b8a0e06dcfd027ea28bf73f0ab2c564d8c47e7 Mon Sep 17 00:00:00 2001
From: amammad
Date: Thu, 23 Feb 2023 21:45:33 +0100
Subject: [PATCH] v1.1
---
 .../experimental/CWE-502/YAMLUnsafeYamlDeserialization.ql | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/ruby/ql/src/experimental/CWE-502/YAMLUnsafeYamlDeserialization.ql b/ruby/ql/src/experimental/CWE-502/YAMLUnsafeYamlDeserialization.ql
index 668dc822b15..e8b3fb761f4 100644
--- a/ruby/ql/src/experimental/CWE-502/YAMLUnsafeYamlDeserialization.ql
+++ b/ruby/ql/src/experimental/CWE-502/YAMLUnsafeYamlDeserialization.ql
@@ -18,6 +18,7 @@ import codeql.ruby.DataFlow
 import codeql.ruby.dataflow.RemoteFlowSources
 import codeql.ruby.TaintTracking
 import DataFlow::PathGraph
+import codeql.ruby.security.UnsafeDeserializationCustomizations
 abstract class YAMLSink extends DataFlow::Node { }
@@ -45,8 +46,8 @@ class Configuration extends TaintTracking::Configuration {
 override predicate isSource(DataFlow::Node source) {
 // for detecting The CVE we should uncomment following line instead of current RemoteFlowSource
- source instanceof DataFlow::LocalSourceNode
- // source instanceof RemoteFlowSource
+ // source instanceof DataFlow::LocalSourceNode
+ source instanceof UnsafeDeserialization::Source
 }
 override predicate isSink(DataFlow::Node sink) {
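Review bot: The comment kept above the source selection in `isSource` is now misleading: it still talks about uncommenting the "following line instead of current RemoteFlowSource", but the active source is `UnsafeDeserialization::Source` and the line that follows is the commented-out `LocalSourceNode` alternative. I would reword it to something like `// Default: sources from the shared UnsafeDeserialization library; to reproduce the CVE, enable the LocalSourceNode line below instead.` and name the CVE it refers to, so readers know which case the narrower default is expected to miss. Since the query now takes its sources from the shared customizations module, it would be consistent to honour that module's sanitizers as well, `override predicate isSanitizer(DataFlow::Node node) { node instanceof UnsafeDeserialization::Sanitizer }`, unless the configuration already does so outside this hunk. The `Configuration` class starts before the hunk and continues past it, so that part cannot be confirmed from here. In the first hunk, `import codeql.ruby.dataflow.RemoteFlowSources` looks unused now that the only visible reference to `RemoteFlowSource` is gone; drop it if nothing else in the file needs it.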