Rust: Abstractions then implementations.

Author: geoffw0

rust/ql/lib/codeql/rust/security/regex/RegexInjectionExtensions.qll

@@ -32,6 +32,17 @@ module RegexInjection {
    */
   abstract class Barrier extends DataFlow::Node { }
 
+  /**
+   * A unit class for adding additional flow steps.
+   */
+  class AdditionalFlowStep extends Unit {
+    /**
+     * Holds if the step from `node1` to `node2` should be considered a flow
+     * step for paths related to regular expression injection vulnerabilities.
+     */
+    abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
+  }
+
   /**
    * An active threat-model source, considered as a flow source.
    */
@@ -59,17 +70,6 @@ module RegexInjection {
     ModelsAsDataSink() { sinkNode(this, "regex-use") }
   }
 
-  /**
-   * A unit class for adding additional flow steps.
-   */
-  class AdditionalFlowStep extends Unit {
-    /**
-     * Holds if the step from `node1` to `node2` should be considered a flow
-     * step for paths related to regular expression injection vulnerabilities.
-     */
-    abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
-  }
-
   /**
    * An escape barrier for regular expression injection vulnerabilities.
    */