From 1df81dbfb67543794efd134aa53ea50138183d8f Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Sun, 11 Aug 2024 00:37:25 +0100
Subject: [PATCH] Use `regex-use[receiver]` instead of `regex-use[-1]`
---
 go/ql/lib/semmle/go/frameworks/stdlib/Regexp.qll | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/Regexp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/Regexp.qll
index 2486bbfe0d34..525eb73d5b96 100644
--- a/go/ql/lib/semmle/go/frameworks/stdlib/Regexp.qll
+++ b/go/ql/lib/semmle/go/frameworks/stdlib/Regexp.qll
@@ -9,9 +9,10 @@ module Regexp {
 /**
 * Holds if `kind` is an external sink kind that is relevant for regex flow.
 * `strArg` is the index of the argument to methods with this sink kind that
- * contain the string to be matched against, where -1 is the qualifier; or -2
- * if no such argument exists and the function compiles the regex; or -3 if
- * no such argument exists and the function does not compile the regex.
+ * contain the string to be matched against, where "receiver" indicates the
+ * receiver; or -2 if no such argument exists and the function compiles the
+ * regex; or -3 if no such argument exists and the function does not compile
+ * the regex.
 *
 * So `regex-use[0]` indicates that argument 0 contains the string to matched
 * against, `regex-use[c]` indicates that there is no string to be matched
@@ -25,8 +26,12 @@ module Regexp {
 or
 sinkModel(_, _, _, _, _, _, _, kind, _, _) and
 exists(string strArgStr |
+ strArg >= 0 and
 strArgStr.toInt() = strArg
 or
+ strArg = -1 and
+ strArgStr = "receiver"
+ or
 strArg = -2 and
 strArgStr = "c"
 |
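Review bot: The rewritten doc comment in the first hunk describes `strArg` with a string value next to integer ones, but the second hunk shows `strArg` is still `-1` for the receiver and only the text inside the sink kind becomes `receiver`. Wording that keeps the two apart would be more accurate, for example `where -1 is the receiver (written as "receiver" in the sink kind); or -2 if ...`. The unchanged line `argument 0 contains the string to matched against` is also missing "be". The comment continues past the end of the hunk, so the list of examples there may need a `regex-use[receiver]` entry as well.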
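Review bot: With the added `strArg >= 0 and` guard in the second hunk, a sink kind still spelled `regex-use[-1]` no longer maps to any `strArg`, so a model row using the old spelling would silently stop contributing a regex sink. That is a false negative in the queries that depend on this predicate rather than a visible error. The model rows are not part of this patch, so it is worth confirming that every `regex-use[-1]` entry is migrated in the same change. A short comment on the new disjunct would also help, such as `// the receiver is spelled "receiver" in sink kinds; "regex-use[-1]" is no longer accepted`. The predicate body starts and ends outside the hunk, so how `kind` is assembled from `strArgStr` is assumed here.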