jorgectf
diff --git a/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.java renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.java b/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.java renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.java
diff --git a/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.qhelp renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.qhelp b/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.qhelp renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.qhelp
diff --git a/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.ql renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.ql b/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjection.ql renamed to ‎java/ql/src/Security/CWE/CWE-074/JndiInjection.ql
diff --git a/‎java/ql/src/Security/CWE/CWE-074/JndiInjectionLib.qll
Lines changed: 26 additions & 0 deletions b/‎java/ql/src/Security/CWE/CWE-074/JndiInjectionLib.qll
Lines changed: 26 additions & 0 deletions
diff --git a/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjectionLib.qll renamed to ‎java/ql/src/semmle/code/java/security/Jndi.qll
Lines changed: 0 additions & 22 deletions b/‎java/ql/src/experimental/Security/CWE/CWE-074/JndiInjectionLib.qll renamed to ‎java/ql/src/semmle/code/java/security/Jndi.qll
Lines changed: 0 additions & 22 deletions
diff --git a/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.qlref
Lines changed: 0 additions & 1 deletion b/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.qlref
Lines changed: 0 additions & 1 deletion
diff --git a/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/options
Lines changed: 0 additions & 1 deletion b/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/options
Lines changed: 0 additions & 1 deletion
diff --git a/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.expected renamed to ‎java/ql/test/query-tests/security/CWE-074/JndiInjection.expected b/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.expected renamed to ‎java/ql/test/query-tests/security/CWE-074/JndiInjection.expected
diff --git a/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.java renamed to ‎java/ql/test/query-tests/security/CWE-074/JndiInjection.java b/‎java/ql/test/experimental/query-tests/security/CWE-074-JndiInjection/JndiInjection.java renamed to ‎java/ql/test/query-tests/security/CWE-074/JndiInjection.java
diff --git a/‎java/ql/test/query-tests/security/CWE-074/JndiInjection.qlref
Lines changed: 1 addition & 0 deletions b/‎java/ql/test/query-tests/security/CWE-074/JndiInjection.qlref
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,26 @@
+import java
+import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.security.Jndi
+import DataFlow
+
+/**
+ * A taint-tracking configuration for unvalidated user input that is used in JNDI lookup.
+ */
+class JndiInjectionFlowConfig extends TaintTracking::Configuration {
+  JndiInjectionFlowConfig() { this = "JndiInjectionFlowConfig" }
+
+  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+
+  override predicate isSink(DataFlow::Node sink) { sink instanceof JndiInjectionSink }
+
+  override predicate isSanitizer(DataFlow::Node node) {
+    node.getType() instanceof PrimitiveType or node.getType() instanceof BoxedType
+  }
+
+  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
+    nameStep(node1, node2) or
+    jmxServiceUrlStep(node1, node2) or
+    jmxConnectorStep(node1, node2) or
+    rmiConnectorStep(node1, node2)
+  }
+}
@@ -6,28 +6,6 @@ import experimental.semmle.code.java.frameworks.spring.SpringJndi
 import semmle.code.java.frameworks.SpringLdap
 import experimental.semmle.code.java.frameworks.Shiro
 
-/**
- * A taint-tracking configuration for unvalidated user input that is used in JNDI lookup.
- */
-class JndiInjectionFlowConfig extends TaintTracking::Configuration {
-  JndiInjectionFlowConfig() { this = "JndiInjectionFlowConfig" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof JndiInjectionSink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    node.getType() instanceof PrimitiveType or node.getType() instanceof BoxedType
-  }
-
-  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    nameStep(node1, node2) or
-    jmxServiceUrlStep(node1, node2) or
-    jmxConnectorStep(node1, node2) or
-    rmiConnectorStep(node1, node2)
-  }
-}
-
 /** The class `java.util.Hashtable`. */
 class TypeHashtable extends Class {
   TypeHashtable() { this.getSourceDeclaration().hasQualifiedName("java.util", "Hashtable") }
 
@@ -0,0 +1 @@
+Security/CWE/CWE-074/JndiInjection.ql