Add models for Spring validation.Errors

java/ql/src/semmle/code/java/frameworks/spring/Spring.qll

@@ -12,6 +12,7 @@ import semmle.code.java.frameworks.spring.SpringConstructorArg
 import semmle.code.java.frameworks.spring.SpringController
 import semmle.code.java.frameworks.spring.SpringDescription
 import semmle.code.java.frameworks.spring.SpringEntry
+import semmle.code.java.frameworks.spring.SpringErrors
 import semmle.code.java.frameworks.spring.SpringFlex
 import semmle.code.java.frameworks.spring.SpringIdRef
 import semmle.code.java.frameworks.spring.SpringImport

java/ql/src/semmle/code/java/frameworks/spring/SpringErrors.qll

@@ -0,0 +1,22 @@
+/** Definitions of flow steps through utility methods of `org.springframework.validation.Errors`. */
+
+import java
+private import semmle.code.java.dataflow.ExternalFlow
+
+private class SpringErrorModel extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "org.springframework.validation;Errors;true;addAllErrors;;;Argument[0];Argument[-1];taint",
+        "org.springframework.validation;Errors;true;getAllErrors;;;Argument[-1];ReturnValue;taint",
+        "org.springframework.validation;Errors;true;getFieldError;;;Argument[-1];ReturnValue;taint",
+        "org.springframework.validation;Errors;true;getFieldErrors;;;Argument[-1];ReturnValue;taint",
+        "org.springframework.validation;Errors;true;getGlobalError;;;Argument[-1];ReturnValue;taint",
+        "org.springframework.validation;Errors;true;getGlobalErrors;;;Argument[-1];ReturnValue;taint",
+        "org.springframework.validation;Errors;true;reject;;;Argument[0..2];Argument[-1];taint",
+        "org.springframework.validation;Errors;true;rejectValue;;;Argument[1..3];Argument[-1];taint",
+        "org.springframework.validation;Errors;true;reject;;;Argument[0..2];Argument[-1];taint",
+        "org.springframework.validation;Errors;true;rejectValue;;;Argument[1..3];Argument[-1];taint"
+      ]
+  }
+}