Merge pull request #20378 from github/alexet/java-regex-local

Jave: Use force local to make parsing local after global regex finding.

Author: Alexander Eyers-Taylor

java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll

@@ -163,18 +163,22 @@ private module RegexFlowConfig implements DataFlow::ConfigSig {
 
 private module RegexFlow = DataFlow::Global<RegexFlowConfig>;
 
+private predicate usedAsRegexImpl(StringLiteral regex, string mode, boolean match_full_string) {
+  RegexFlow::flow(DataFlow::exprNode(regex), _) and
+  mode = "None" and // TODO: proper mode detection
+  (if matchesFullString(regex) then match_full_string = true else match_full_string = false)
+}
+
 /**
  * Holds if `regex` is used as a regex, with the mode `mode` (if known).
  * If regex mode is not known, `mode` will be `"None"`.
  *
  * As an optimisation, only regexes containing an infinite repitition quatifier (`+`, `*`, or `{x,}`)
  * and therefore may be relevant for ReDoS queries are considered.
  */
-predicate usedAsRegex(StringLiteral regex, string mode, boolean match_full_string) {
-  RegexFlow::flow(DataFlow::exprNode(regex), _) and
-  mode = "None" and // TODO: proper mode detection
-  (if matchesFullString(regex) then match_full_string = true else match_full_string = false)
-}
+overlay[local]
+predicate usedAsRegex(StringLiteral regex, string mode, boolean match_full_string) =
+  forceLocal(usedAsRegexImpl/3)(regex, mode, match_full_string)
 
 /**
  * Holds if `regex` is used as a regular expression that is matched against a full string,