Move ExternallyControlledFormatStringFlow to Query.qll

Author: egregius313

java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringQuery.qll

@@ -0,0 +1,26 @@
+/** Provides a taint-tracking configuration to reason about externally controlled format string vulnerabilities. */
+
+import java
+import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.StringFormat
+
+/**
+ * A taint-tracking configuration for externally controlled format string vulnerabilities.
+ */
+module ExternallyControlledFormatStringConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+
+  predicate isSink(DataFlow::Node sink) {
+    sink.asExpr() = any(StringFormat formatCall).getFormatArgument()
+  }
+
+  predicate isBarrier(DataFlow::Node node) {
+    node.getType() instanceof NumericType or node.getType() instanceof BooleanType
+  }
+}
+
+/**
+ * Taint-tracking flow for externally controlled format string vulnerabilities.
+ */
+module ExternallyControlledFormatStringFlow =
+  TaintTracking::Global<ExternallyControlledFormatStringConfig>;

java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatString.ql

@@ -11,24 +11,7 @@
  */
 
 import java
-import semmle.code.java.dataflow.FlowSources
-import semmle.code.java.StringFormat
-
-module ExternallyControlledFormatStringConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-  predicate isSink(DataFlow::Node sink) {
-    sink.asExpr() = any(StringFormat formatCall).getFormatArgument()
-  }
-
-  predicate isBarrier(DataFlow::Node node) {
-    node.getType() instanceof NumericType or node.getType() instanceof BooleanType
-  }
-}
-
-module ExternallyControlledFormatStringFlow =
-  TaintTracking::Global<ExternallyControlledFormatStringConfig>;
-
+import semmle.code.java.security.ExternallyControlledFormatStringQuery
 import ExternallyControlledFormatStringFlow::PathGraph
 
 from