Reduce scope of allowImplicitRead to avoid cartesian product.

joefarebrother · joefarebrother · commit c37809a187bf · 2025-04-02T09:35:50.000+01:00
diff --git a/python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql b/python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql
@@ -62,7 +62,12 @@ module EscapingCaptureFlowConfig implements DataFlow::ConfigSig {
 
   predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {
     isSink(node) and
-    exists(cs)
+    (
+      cs instanceof DataFlow::TupleElementContent or
+      cs instanceof DataFlow::ListElementContent or
+      cs instanceof DataFlow::SetElementContent or
+      cs instanceof DataFlow::DictionaryElementAnyContent
+    )
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,12 @@ module EscapingCaptureFlowConfig implements DataFlow::ConfigSig {`
`62`	`62`
`63`	`63`	`predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet cs) {`
`64`	`64`	`isSink(node) and`
`65`		`- exists(cs)`
	`65`	`+ (`
	`66`	`+ cs instanceof DataFlow::TupleElementContent or`
	`67`	`+ cs instanceof DataFlow::ListElementContent or`
	`68`	`+ cs instanceof DataFlow::SetElementContent or`
	`69`	`+ cs instanceof DataFlow::DictionaryElementAnyContent`
	`70`	`+ )`
`66`	`71`	`}`
`67`	`72`	`}`
`68`	`73`