Java: Don't use the deprecated Configuration2

jbj · jbj · commit 9ac0cdd2a248 · 2019-08-20T13:45:37.000+02:00
diff --git a/java/ql/src/Security/CWE/CWE-079/XSS.ql b/java/ql/src/Security/CWE/CWE-079/XSS.ql
@@ -12,10 +12,11 @@
 
 import java
 import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.dataflow.TaintTracking2
 import semmle.code.java.security.XSS
 import DataFlow2::PathGraph
 
-class XSSConfig extends TaintTracking::Configuration2 {
+class XSSConfig extends TaintTracking2::Configuration {
   XSSConfig() { this = "XSSConfig" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
diff --git a/java/ql/src/Security/CWE/CWE-079/XSSLocal.ql b/java/ql/src/Security/CWE/CWE-079/XSSLocal.ql
@@ -12,10 +12,11 @@
 
 import java
 import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.dataflow.TaintTracking2
 import semmle.code.java.security.XSS
 import DataFlow2::PathGraph
 
-class XSSLocalConfig extends TaintTracking::Configuration2 {
+class XSSLocalConfig extends TaintTracking2::Configuration {
   XSSLocalConfig() { this = "XSSLocalConfig" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
diff --git a/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql b/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql
@@ -14,6 +14,7 @@
 
 import java
 import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.dataflow.TaintTracking2
 import semmle.code.java.security.XSS
 
 /**
@@ -80,7 +81,7 @@ predicate stackTraceExpr(Expr exception, MethodAccess stackTraceString) {
   )
 }
 
-class StackTraceStringToXssSinkFlowConfig extends TaintTracking::Configuration2 {
+class StackTraceStringToXssSinkFlowConfig extends TaintTracking2::Configuration {
   StackTraceStringToXssSinkFlowConfig() {
     this = "StackTraceExposure::StackTraceStringToXssSinkFlowConfig"
   }
@@ -119,7 +120,7 @@ class GetMessageFlowSource extends MethodAccess {
   }
 }
 
-class GetMessageFlowSourceToXssSinkFlowConfig extends TaintTracking::Configuration2 {
+class GetMessageFlowSourceToXssSinkFlowConfig extends TaintTracking2::Configuration {
   GetMessageFlowSourceToXssSinkFlowConfig() {
     this = "StackTraceExposure::GetMessageFlowSourceToXssSinkFlowConfig"
   }
diff --git a/java/ql/src/Security/CWE/CWE-611/XXE.ql b/java/ql/src/Security/CWE/CWE-611/XXE.ql
@@ -13,9 +13,10 @@
 import java
 import XmlParsers
 import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.dataflow.TaintTracking2
 import DataFlow::PathGraph
 
-class SafeSAXSourceFlowConfig extends TaintTracking::Configuration2 {
+class SafeSAXSourceFlowConfig extends TaintTracking2::Configuration {
   SafeSAXSourceFlowConfig() { this = "XmlParsers::SafeSAXSourceFlowConfig" }
 
   override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeSAXSource }

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`
`15`	`15`	`import java`
`16`	`16`	`import semmle.code.java.dataflow.DataFlow`
	`17`	`+import semmle.code.java.dataflow.TaintTracking2`
`17`	`18`	`import semmle.code.java.security.XSS`
`18`	`19`
`19`	`20`	`/**`
`@@ -80,7 +81,7 @@ predicate stackTraceExpr(Expr exception, MethodAccess stackTraceString) {`
`80`	`81`	`)`
`81`	`82`	`}`
`82`	`83`
`83`		`-class StackTraceStringToXssSinkFlowConfig extends TaintTracking::Configuration2 {`
	`84`	`+class StackTraceStringToXssSinkFlowConfig extends TaintTracking2::Configuration {`
`84`	`85`	`StackTraceStringToXssSinkFlowConfig() {`
`85`	`86`	`this = "StackTraceExposure::StackTraceStringToXssSinkFlowConfig"`
`86`	`87`	`}`
`@@ -119,7 +120,7 @@ class GetMessageFlowSource extends MethodAccess {`
`119`	`120`	`}`
`120`	`121`	`}`
`121`	`122`
`122`		`-class GetMessageFlowSourceToXssSinkFlowConfig extends TaintTracking::Configuration2 {`
	`123`	`+class GetMessageFlowSourceToXssSinkFlowConfig extends TaintTracking2::Configuration {`
`123`	`124`	`GetMessageFlowSourceToXssSinkFlowConfig() {`
`124`	`125`	`this = "StackTraceExposure::GetMessageFlowSourceToXssSinkFlowConfig"`
`125`	`126`	`}`