Update normalized path node

java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql

@@ -25,7 +25,7 @@ class InjectFilePathConfig extends TaintTracking::Configuration {
 
   override predicate isSink(DataFlow::Node sink) {
     sink.asExpr() = any(PathCreation p).getAnInput() and
-    not sink instanceof SanitizedNode
+    not sink instanceof NormalizedPathNode
   }
 
   override predicate isSanitizer(DataFlow::Node node) {

java/ql/src/experimental/Security/CWE/CWE-073/PathSanitizer.qll

@@ -174,12 +174,10 @@ private class UrlDecodeSanitizer extends MethodAccess {
   }
 }
 
-/** A sanitized node that is protected against path traversal vulnerabilities. */
-abstract class SanitizedNode extends DataFlow::Node { }
-
-class NodeWithPathNormalizer extends SanitizedNode {
-  NodeWithPathNormalizer() {
-    DataFlow::localExprFlow(this.asExpr(), any(PathNormalizeSanitizer ma))
+/** A node with path normalization. */
+class NormalizedPathNode extends DataFlow::Node {
+  NormalizedPathNode() {
+    TaintTracking::localExprTaint(this.asExpr(), any(PathNormalizeSanitizer ma))
   }
 }
 
@@ -188,8 +186,8 @@ private class PathDataModel extends SummaryModelCsv {
   override predicate row(string row) {
     row =
       [
-        "java.nio.file;Paths;true;get;;;Argument[0];ReturnValue;value",
-        "java.nio.file;Path;true;normalize;;;Argument[-1];ReturnValue;value"
+        "java.nio.file;Paths;true;get;;;Argument[0];ReturnValue;taint",
+        "java.nio.file;Path;true;normalize;;;Argument[-1];ReturnValue;taint"
       ]
   }
 }