Refactor JxBrowserWithoutCertValidation

egregius313 · egregius313 · commit a186b771ba83 · 2023-04-12T20:37:35.000-04:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql b/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql
@@ -66,26 +66,26 @@ private class JxBrowserSafeLoadHandler extends RefType {
  * Models flow from the source `new Browser()` to a sink `browser.setLoadHandler(loadHandler)` where `loadHandler`
  * has been determined to be safe.
  */
-private class JxBrowserFlowConfiguration extends DataFlow::Configuration {
-  JxBrowserFlowConfiguration() { this = "JxBrowserFlowConfiguration" }
-
-  override predicate isSource(DataFlow::Node src) {
+private module JxBrowserFlowConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node src) {
     exists(ClassInstanceExpr newJxBrowser | newJxBrowser.getConstructedType() instanceof JxBrowser |
       newJxBrowser = src.asExpr()
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(MethodAccess ma | ma.getMethod() instanceof JxBrowserSetLoadHandler |
       ma.getArgument(0).getType() instanceof JxBrowserSafeLoadHandler and
       ma.getQualifier() = sink.asExpr()
     )
   }
 }
 
-from JxBrowserFlowConfiguration cfg, DataFlow::Node src
+private module JxBrowserFlow = DataFlow::Global<JxBrowserFlowConfig>;
+
+from DataFlow::Node src
 where
-  cfg.isSource(src) and
-  not cfg.hasFlow(src, _) and
+  JxBrowserFlowConfig::isSource(src) and
+  not JxBrowserFlow::flow(src, _) and
   not isSafeJxBrowserVersion()
 select src, "This JxBrowser instance may not check HTTPS certificates."
