Java: add test case

java/ql/test/library-tests/dataflow/implicit-read/A.java

@@ -0,0 +1,27 @@
+public class A {
+    String field;
+
+    static String source(String name) {
+        return name;
+    }
+
+    static void sink(Object o) {}
+
+    static String step(Object o) {
+        return "";
+    }
+
+    static Object getA() {
+        A a = new A();
+        a.field = source("source");
+        return a;
+    }
+
+    static void test() {
+        Object object = getA();
+
+        sink(step(object)); // $ hasTaintFlow=source
+        sink(object); // $ SPURIOUS: hasTaintFlow=source
+        sink(((A)object).field); // $ hasTaintFlow=source
+    }
+}

java/ql/test/library-tests/dataflow/implicit-read/test.ql

@@ -0,0 +1,22 @@
+import java
+import TestUtilities.InlineFlowTest
+
+module TestConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { DefaultFlowConfig::isSource(source) }
+
+  predicate isSink(DataFlow::Node sink) { DefaultFlowConfig::isSink(sink) }
+
+  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
+    exists(MethodCall call |
+      call.getMethod().getName() = "step" and
+      node1.asExpr() = call.getArgument(0) and
+      node2.asExpr() = call
+    )
+  }
+
+  predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet content) {
+    isAdditionalFlowStep(node, _) and content instanceof DataFlow::FieldContent
+  }
+}
+
+import TaintFlowTest<TestConfig>