Convert to using the new DataFlow modules

Author: egregius313

java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll

@@ -9,22 +9,20 @@ import semmle.code.java.security.InsecureLdapAuth
 /**
  * A taint-tracking configuration for `ldap://` URL in LDAP authentication.
  */
-class InsecureUrlFlowConfig extends TaintTracking::Configuration {
-  InsecureUrlFlowConfig() { this = "InsecureLdapAuth:InsecureUrlFlowConfig" }
-
+private module InsecureUrlFlowConfig implements DataFlow::ConfigSig {
   /** Source of `ldap://` connection string. */
-  override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof InsecureLdapUrl }
+  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof InsecureLdapUrl }
 
   /** Sink of directory context creation. */
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(ConstructorCall cc |
       cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and
       sink.asExpr() = cc.getArgument(0)
     )
   }
 
   /** Method call of `env.put()`. */
-  override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
+  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
     exists(MethodAccess ma |
       pred.asExpr() = ma.getArgument(1) and
       isProviderUrlSetter(ma) and
@@ -33,46 +31,48 @@ class InsecureUrlFlowConfig extends TaintTracking::Configuration {
   }
 }
 
+module InsecureUrlFlowConfiguration = TaintTracking::Make<InsecureUrlFlowConfig>;
+
 /**
  * A taint-tracking configuration for `simple` basic-authentication in LDAP configuration.
  */
-class BasicAuthFlowConfig extends DataFlow::Configuration {
-  BasicAuthFlowConfig() { this = "InsecureLdapAuth:BasicAuthFlowConfig" }
-
+private module BasicAuthFlowConfig implements DataFlow::ConfigSig {
   /** Source of `simple` configuration. */
-  override predicate isSource(DataFlow::Node src) {
+  predicate isSource(DataFlow::Node src) {
     exists(MethodAccess ma |
       isBasicAuthEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
     )
   }
 
   /** Sink of directory context creation. */
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(ConstructorCall cc |
       cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and
       sink.asExpr() = cc.getArgument(0)
     )
   }
 }
 
+module BasicAuthFlowConfiguration = DataFlow::Make<BasicAuthFlowConfig>;
+
 /**
  * A taint-tracking configuration for `ssl` configuration in LDAP authentication.
  */
-class SslFlowConfig extends DataFlow::Configuration {
-  SslFlowConfig() { this = "InsecureLdapAuth:SSLFlowConfig" }
-
+private module SslFlowConfig implements DataFlow::ConfigSig {
   /** Source of `ssl` configuration. */
-  override predicate isSource(DataFlow::Node src) {
+  predicate isSource(DataFlow::Node src) {
     exists(MethodAccess ma |
       isSslEnv(ma) and ma.getQualifier() = src.(PostUpdateNode).getPreUpdateNode().asExpr()
     )
   }
 
   /** Sink of directory context creation. */
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(ConstructorCall cc |
       cc.getConstructedType().getAnAncestor() instanceof TypeDirContext and
       sink.asExpr() = cc.getArgument(0)
     )
   }
 }
+
+module SslFlowConfiguration = DataFlow::Make<SslFlowConfig>;

java/ql/src/Security/CWE/CWE-522/InsecureLdapAuth.ql

@@ -15,10 +15,10 @@ import java
 import semmle.code.java.security.InsecureLdapAuthQuery
 import DataFlow::PathGraph
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, InsecureUrlFlowConfig config
+from InsecureUrlFlowConfiguration::PathNode source, InsecureUrlFlowConfiguration::PathNode sink
 where
-  config.hasFlowPath(source, sink) and
-  any(BasicAuthFlowConfig bc).hasFlowTo(sink.getNode()) and
-  not any(SslFlowConfig sc).hasFlowTo(sink.getNode())
+  InsecureUrlFlowConfiguration::hasFlowPath(source, sink) and
+  BasicAuthFlowConfiguration::hasFlowTo(sink.getNode()) and
+  not SslFlowConfiguration::hasFlowTo(sink.getNode())
 select sink.getNode(), source, sink, "Insecure LDAP authentication from $@.", source.getNode(),
   "LDAP connection string"

java/ql/test/query-tests/security/CWE-522/InsecureLdapAuthTest.ql

@@ -9,9 +9,9 @@ class InsecureLdapAuthenticationTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasInsecureLdapAuth" and
-    exists(DataFlow::Node sink, InsecureUrlFlowConfig conf | conf.hasFlowTo(sink) |
-      any(BasicAuthFlowConfig bc).hasFlowTo(sink) and
-      not any(SslFlowConfig sc).hasFlowTo(sink) and
+    exists(DataFlow::Node sink | InsecureUrlFlowConfiguration::hasFlowTo(sink) |
+      BasicAuthFlowConfiguration::hasFlowTo(sink) and
+      not SslFlowConfiguration::hasFlowTo(sink) and
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""