Only capture taint from own fields

Also exclude `Charset` as relevant taint-carrying type. This is generally
what we want to lets us avoid tracking arguments that lead to FP.

java/ql/test/utils/model-generator/CaptureSummaryModels.expected

@@ -44,3 +44,4 @@
 | p;Pojo;false;getValue;();;Argument[-1];ReturnValue;taint |
 | p;Pojo;false;setValue;(String);;Argument[0];Argument[-1];taint |
 | p;PrivateFlowViaPublicInterface;true;createAnSPI;(File);;Argument[0];ReturnValue;taint |
+| p;PrivateFlowViaPublicInterface;true;createAnSPIWithoutTrackingFile;(File);;Argument[0];ReturnValue;taint |

java/ql/test/utils/model-generator/p/PrivateFlowViaPublicInterface.java

@@ -7,8 +7,15 @@ import java.io.OutputStream;
 
 public class PrivateFlowViaPublicInterface {
 
+    static class RandomPojo {
+        public File someFile = new File("someFile");
+    }
     public static interface SPI {
         OutputStream openStream() throws IOException;
+
+        default OutputStream openStreamNone() throws IOException {
+            return null;
+        };
     }
 
     private static final class PrivateImplWithSink implements SPI {
@@ -25,9 +32,30 @@ public class PrivateFlowViaPublicInterface {
         }
 
     }
+    
+    private static final class PrivateImplWithRandomField implements SPI {
+
+        public PrivateImplWithRandomField(File file) {
+        }
+
+        @Override
+        public OutputStream openStream() throws IOException {
+            return null;
+        }
+        
+        @Override
+        public OutputStream openStreamNone() throws IOException {
+            return new FileOutputStream(new RandomPojo().someFile);
+        }
+
+    }
 
     public static SPI createAnSPI(File file) {
         return new PrivateImplWithSink(file);
     }
+    
+    public static SPI createAnSPIWithoutTrackingFile(File file) {
+        return new PrivateImplWithRandomField(file);
+    }
 
 }