mirror of
https://github.com/github/codeql.git
synced 2025-12-19 10:23:15 +01:00
fdca896614
rb/incomplete-sanitization has a few cases where we find flow from one
one string substitution call to another, e.g.
a.sub(...).sub(...)
But this didn't find typical chained uses of the destructive variants,
e.g.
a.sub!(...)
a.sub!(...)
We now handle those cases by tracking flow from the post-update node for
the receiver of the first call.