Only capture taint from own fields

Also exclude `Charset` as relevant taint-carrying type. This is generally
what we want to lets us avoid tracking arguments that lead to FP.

java/ql/src/utils/model-generator/CaptureSinkModels.ql

@@ -16,7 +16,7 @@ class PropagateToSinkConfiguration extends TaintTracking::Configuration {
   PropagateToSinkConfiguration() { this = "parameters or  flowing into sinks" }
 
   override predicate isSource(DataFlow::Node source) {
-    (source.asExpr() instanceof FieldAccess or source instanceof DataFlow::ParameterNode) and
+    (source.asExpr().(FieldAccess).isOwnFieldAccess() or source instanceof DataFlow::ParameterNode) and
     source.getEnclosingCallable().isPublic() and
     exists(RefType t |
       t = source.getEnclosingCallable().getDeclaringType().getAnAncestor() and

java/ql/src/utils/model-generator/CaptureSummaryModels.ql

@@ -190,8 +190,7 @@ class ParameterToReturnValueTaintConfig extends TaintTracking::Configuration {
   override predicate isSink(DataFlow::Node sink) { sink instanceof ReturnNodeExt }
 
   override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    node2.asExpr().(ConstructorCall).getAnArgument() = node1.asExpr() and
-    node1.asExpr().(Argument).getCall().getCallee().fromSource()
+    node2.asExpr().(ConstructorCall).getAnArgument() = node1.asExpr()
   }
 }
 
@@ -261,6 +260,7 @@ predicate isRelevantType(Type t) {
   not t instanceof PrimitiveType and
   not t instanceof BoxedType and
   not t.(RefType).getAnAncestor().hasQualifiedName("java.lang", "Number") and
+  not t.(RefType).getAnAncestor().hasQualifiedName("java.nio.charset", "Charset") and
   (
     not t.(Array).getElementType() instanceof PrimitiveType or
     isPrimitiveTypeUsedForBulkData(t.(Array).getElementType())