Java: Convert file-path-injection to data extensions.

java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql

@@ -12,12 +12,17 @@
  */
 
 import java
+import semmle.code.java.dataflow.ExternalFlow
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.PathCreation
 import JFinalController
 import semmle.code.java.security.PathSanitizer
 import DataFlow::PathGraph
 
+private class ActivateModels extends ActiveExperimentalModels {
+  ActivateModels() { this = "file-path-injection" }
+}
+
 /** A complementary sanitizer that protects against path traversal using path normalization. */
 class PathNormalizeSanitizer extends MethodAccess {
   PathNormalizeSanitizer() {

java/ql/src/experimental/Security/CWE/CWE-073/JFinalController.qll

@@ -61,24 +61,3 @@ private class SetToGetAttributeStep extends AdditionalValueStep {
     )
   }
 }
-
-/** Remote flow source models relating to `JFinal`. */
-private class JFinalControllerSource extends SourceModelCsv {
-  override predicate row(string row) {
-    row =
-      [
-        "com.jfinal.core;Controller;true;getCookie" + ["", "Object", "Objects", "ToInt", "ToLong"] +
-          ";;;ReturnValue;remote;manual",
-        "com.jfinal.core;Controller;true;getFile" + ["", "s"] + ";;;ReturnValue;remote;manual",
-        "com.jfinal.core;Controller;true;getHeader;;;ReturnValue;remote;manual",
-        "com.jfinal.core;Controller;true;getKv;;;ReturnValue;remote;manual",
-        "com.jfinal.core;Controller;true;getPara" +
-          [
-            "", "Map", "ToBoolean", "ToDate", "ToInt", "ToLong", "Values", "ValuesToInt",
-            "ValuesToLong"
-          ] + ";;;ReturnValue;remote;manual",
-        "com.jfinal.core;Controller;true;get" + ["", "Int", "Long", "Boolean", "Date"] +
-          ";;;ReturnValue;remote;manual"
-      ]
-  }
-}