Refactor NFEAndroidDoS

egregius313 · egregius313 · commit 6e4e1e52c0d2 · 2023-04-12T20:37:35.000-04:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql b/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql
@@ -17,19 +17,17 @@ import java
 import semmle.code.java.frameworks.android.Intent
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.NumberFormatException
-import DataFlow::PathGraph
+import NfeLocalDoSFlow::PathGraph
 
 /**
  * Taint configuration tracking flow from untrusted inputs to number conversion calls in exported Android compononents.
  */
-class NfeLocalDoSConfiguration extends TaintTracking::Configuration {
-  NfeLocalDoSConfiguration() { this = "NFELocalDoSConfiguration" }
-
+module NfeLocalDoSConfig implements DataFlow::ConfigSig {
   /** Holds if source is a remote flow source */
-  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   /** Holds if NFE is thrown but not caught */
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(Expr e |
       e.getEnclosingCallable().getDeclaringType().(ExportableAndroidComponent).isExported() and
       throwsNfe(e) and
@@ -42,8 +40,10 @@ class NfeLocalDoSConfiguration extends TaintTracking::Configuration {
   }
 }
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, NfeLocalDoSConfiguration conf
-where conf.hasFlowPath(source, sink)
+module NfeLocalDoSFlow = TaintTracking::Global<NfeLocalDoSConfig>;
+
+from NfeLocalDoSFlow::PathNode source, NfeLocalDoSFlow::PathNode sink
+where NfeLocalDoSFlow::flowPath(source, sink)
 select sink.getNode(), source, sink,
   "Uncaught NumberFormatException in an exported Android component due to $@.", source.getNode(),
   "user-provided value"
