From 6e4e1e52c0d258370de1b5366f193d17aeb35df6 Mon Sep 17 00:00:00 2001
From: Ed Minnix
Date: Wed, 12 Apr 2023 10:03:45 -0400
Subject: [PATCH] Refactor NFEAndroidDoS

---
 .../Security/CWE/CWE-755/NFEAndroidDoS.ql | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql b/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql
index 1682c8e03a1..41a4c8115d4 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql
@@ -17,19 +17,17 @@ import java
 import semmle.code.java.frameworks.android.Intent
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.NumberFormatException
-import DataFlow::PathGraph
+import NfeLocalDoSFlow::PathGraph
 
 /**
  * Taint configuration tracking flow from untrusted inputs to number conversion calls in exported Android compononents.
  */
-class NfeLocalDoSConfiguration extends TaintTracking::Configuration {
-  NfeLocalDoSConfiguration() { this = "NFELocalDoSConfiguration" }
-
+module NfeLocalDoSConfig implements DataFlow::ConfigSig {
   /** Holds if source is a remote flow source */
-  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   /** Holds if NFE is thrown but not caught */
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(Expr e |
       e.getEnclosingCallable().getDeclaringType().(ExportableAndroidComponent).isExported() and
       throwsNfe(e) and
@@ -42,8 +40,10 @@ class NfeLocalDoSConfiguration extends TaintTracking::Configuration {
   }
 }
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, NfeLocalDoSConfiguration conf
-where conf.hasFlowPath(source, sink)
+module NfeLocalDoSFlow = TaintTracking::Global;
+
+from NfeLocalDoSFlow::PathNode source, NfeLocalDoSFlow::PathNode sink
+where NfeLocalDoSFlow::flowPath(source, sink)
 select sink.getNode(), source, sink,
   "Uncaught NumberFormatException in an exported Android component due to $@.",
   source.getNode(), "user-provided value"
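Review bot: As rendered here, the added line `module NfeLocalDoSFlow = TaintTracking::Global;` carries no parameter module, yet `TaintTracking::Global` is a parameterized module that needs the `ConfigSig` implementation introduced in the first hunk; this page has presumably lost the angle-bracketed argument, so confirm the committed line reads `module NfeLocalDoSFlow = TaintTracking::Global<NfeLocalDoSConfig>;`. The new flow module also has no QLDoc while the neighbouring config module and its predicates are documented; a one-line `/** Taint tracking from remote flow sources to uncaught NumberFormatException sites in exported Android components. */` above it would keep the file consistent. The first hunk's `import NfeLocalDoSFlow::PathGraph` refers to this module, so a reader of that hunk has to find the definition here.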