C#: Re-factor ConditionalBypass to use the new API.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll

@@ -30,6 +30,8 @@ abstract class Sink extends DataFlow::ExprNode {
 abstract class Sanitizer extends DataFlow::ExprNode { }
 
 /**
+ * DEPRECATED: Use `ConditionalBypass` instead.
+ *
  * A taint-tracking configuration for user-controlled bypass of sensitive method.
  */
 class Configuration extends TaintTracking::Configuration {
@@ -42,6 +44,22 @@ class Configuration extends TaintTracking::Configuration {
   override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
 }
 
+/**
+ * A taint-tracking configuration for user-controlled bypass of sensitive method.
+ */
+private module ConditionalBypassConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * A taint-tracking module for user-controlled bypass of sensitive method.
+ */
+module ConditionalBypass = TaintTracking::Global<ConditionalBypassConfig>;
+
 /** A source of remote user input. */
 class RemoteSource extends Source instanceof RemoteFlowSource { }
 

csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql

@@ -15,9 +15,9 @@
 
 import csharp
 import semmle.code.csharp.security.dataflow.ConditionalBypassQuery
-import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
+import ConditionalBypass::PathGraph
 
-from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+from ConditionalBypass::PathNode source, ConditionalBypass::PathNode sink
+where ConditionalBypass::flowPath(source, sink)
 select sink.getNode(), source, sink, "This condition guards a sensitive $@, but a $@ controls it.",
   sink.getNode().(Sink).getSensitiveMethodCall(), "action", source.getNode(), "user-provided value"