Modify isAdditionalTaintStep

Author: haby0

java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql

@@ -12,7 +12,6 @@
 
 import java
 import JShellInjection
-import semmle.code.java.dataflow.DataFlow2
 import semmle.code.java.dataflow.FlowSources
 import DataFlow::PathGraph
 
@@ -24,12 +23,12 @@ class JShellInjectionConfiguration extends TaintTracking::Configuration {
   override predicate isSink(DataFlow::Node sink) { sink instanceof JShellInjectionSink }
 
   override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-    exists(
-      SourceCodeAnalysisAnalyzeCompletionCall scaacc, CompletionInfoSourceOrRemainingCall cisorc
-    |
-      scaacc.getArgument(0) = pred.asExpr() and
-      cisorc = succ.asExpr() and
-      DataFlow2::localExprFlow(scaacc, cisorc.getQualifier())
+    exists(SourceCodeAnalysisAnalyzeCompletionCall scaacc |
+      scaacc.getArgument(0) = pred.asExpr() and scaacc = succ.asExpr()
+    )
+    or
+    exists(CompletionInfoSourceOrRemainingCall cisorc |
+      cisorc.getQualifier() = pred.asExpr() and cisorc = succ.asExpr()
     )
   }
 }