Support CharSequence#toString

Given CharSequence is often used as an
alias for String, ensure taint through toString is flowing

java/ql/lib/semmle/code/java/frameworks/Strings.qll

@@ -54,7 +54,8 @@ private class StringSummaryCsv extends SummaryModelCsv {
         "java.lang;StringBuffer;true;StringBuffer;(CharSequence);;Argument[0];Argument[-1];taint",
         "java.lang;StringBuffer;true;StringBuffer;(String);;Argument[0];Argument[-1];taint",
         "java.lang;StringBuilder;true;StringBuilder;;;Argument[0];Argument[-1];taint",
-        "java.lang;CharSequence;true;subSequence;;;Argument[-1];ReturnValue;taint"
+        "java.lang;CharSequence;true;subSequence;;;Argument[-1];ReturnValue;taint",
+        "java.lang;CharSequence;true;toString;;;Argument[-1];ReturnValue;taint"
       ]
   }
 }

java/ql/test/library-tests/dataflow/taint/CharSeq.java

@@ -9,5 +9,8 @@ public class CharSeq {
   
       CharSequence seqFromSeq = seq.subSequence(0, 1);
       sink(seqFromSeq);
+
+      String stringFromSeq = seq.toString();
+      sink(stringFromSeq);
     }
   }

java/ql/test/library-tests/dataflow/taint/test.expected

@@ -43,6 +43,7 @@
 | B.java:15:21:15:27 | taint(...) | B.java:157:10:157:46 | toFile(...) |
 | CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:8:12:8:14 | seq |
 | CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:11:12:11:21 | seqFromSeq |
+| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:14:12:14:24 | stringFromSeq |
 | MethodFlow.java:7:22:7:28 | taint(...) | MethodFlow.java:8:10:8:16 | tainted |
 | MethodFlow.java:9:31:9:37 | taint(...) | MethodFlow.java:10:10:10:17 | tainted2 |
 | MethodFlow.java:11:35:11:41 | taint(...) | MethodFlow.java:12:10:12:17 | tainted3 |