Merge pull request #1802 from aschackmull/java/taint-step-extension-point

Java: Add a global extension point for taint steps.

Author: yh-semmle

java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll

@@ -48,12 +48,33 @@ predicate localAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {
   )
 }
 
+private newtype TUnit = TMkUnit()
+
+class Unit extends TUnit {
+  string toString() { result = "unit" }
+}
+
+/**
+ * A unit class for adding additional taint steps.
+ *
+ * Extend this class to add additional taint steps that should apply to all
+ * taint configurations.
+ */
+class AdditionalTaintStep extends Unit {
+  /**
+   * Holds if the step from `node1` to `node2` should be considered a taint
+   * step for all configurations.
+   */
+  abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
+}
+
 /**
  * Holds if the additional step from `src` to `sink` should be included in all
  * global taint flow configurations.
  */
 predicate defaultAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {
-  localAdditionalTaintStep(src, sink)
+  localAdditionalTaintStep(src, sink) or
+  any(AdditionalTaintStep a).step(src, sink)
 }
 
 /**