Move check to exlude test cases so that it also covers exponential redos

Author: joefarebrother

java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll

@@ -17,6 +17,10 @@ private class RegexCompileFlowConf extends DataFlow2::Configuration {
   override predicate isSink(DataFlow::Node node) {
     sinkNode(node, ["regex-compile", "regex-compile-match", "regex-compile-find"])
   }
+
+  override predicate isBarrier(DataFlow::Node node) {
+    node.getEnclosingCallable().getDeclaringType() instanceof NonSecurityTestClass
+  }
 }
 
 /**
@@ -208,10 +212,6 @@ private class RegexMatchFlowConf extends DataFlow2::Configuration {
   override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
     any(RegexAdditionalFlowStep s).step(node1, node2)
   }
-
-  override predicate isBarrier(DataFlow::Node node) {
-    node.getEnclosingCallable().getDeclaringType() instanceof NonSecurityTestClass
-  }
 }
 
 /**