C#: Re-factor ReDoS to use the new API.

michaelnebel · michaelnebel · commit 377b2d751560 · 2023-04-13T10:08:40.000+02:00
diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll
@@ -25,9 +25,11 @@ abstract class Sink extends DataFlow::ExprNode { }
 abstract class Sanitizer extends DataFlow::ExprNode { }
 
 /**
+ * DEPRECATED: Use `ReDoS` instead.
+ *
  * A taint-tracking configuration for untrusted user input used in dangerous regular expression operations.
  */
-class TaintTrackingConfiguration extends TaintTracking::Configuration {
+deprecated class TaintTrackingConfiguration extends TaintTracking::Configuration {
   TaintTrackingConfiguration() { this = "ReDoS" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -37,6 +39,22 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
   override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
 }
 
+/**
+ * A taint-tracking configuration for untrusted user input used in dangerous regular expression operations.
+ */
+private module ReDoSConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * A taint-tracking module for untrusted user input used in dangerous regular expression operations.
+ */
+module ReDoS = TaintTracking::Global<ReDoSConfig>;
+
 /** A source of remote user input. */
 class RemoteSource extends Source instanceof RemoteFlowSource { }
 
diff --git a/csharp/ql/src/Security Features/CWE-730/ReDoS.ql b/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
@@ -16,11 +16,11 @@
 import csharp
 import semmle.code.csharp.security.dataflow.ReDoSQuery
 import semmle.code.csharp.frameworks.system.text.RegularExpressions
-import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
+import ReDoS::PathGraph
 
-from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
+from ReDoS::PathNode source, ReDoS::PathNode sink
 where
-  c.hasFlowPath(source, sink) and
+  ReDoS::flowPath(source, sink) and
   // No global timeout set
   not exists(RegexGlobalTimeout r) and
   (
