From d468ea9e9018e486905c73167a37fdfa7b155e94 Mon Sep 17 00:00:00 2001
From: Ed Minnix
Date: Mon, 31 Jul 2023 00:13:34 -0400
Subject: [PATCH] Add default sanitizers
---
 .../code/java/security/TrustBoundaryViolationQuery.qll | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
index 52790f5e186..a89f24e6f1f 100644
--- a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
@@ -55,7 +55,10 @@ module TrustBoundaryConfig implements DataFlow::ConfigSig {
 predicate isBarrier(DataFlow::Node node) {
 node instanceof TrustBoundaryValidationSanitizer or
- node.getType() instanceof HttpServletSession
+ node.getType() instanceof HttpServletSession or
+ node.getType() instanceof NumberType or
+ node.getType() instanceof PrimitiveType or
+ node.getType() instanceof BoxedType
 }
 predicate isSink(DataFlow::Node sink) { sink instanceof TrustBoundaryViolationSink }
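Review bot: The three type-based disjuncts added to `isBarrier` cut flow at every node whose type is numeric, primitive or boxed, and nothing in the hunk records that this is a deliberate precision trade-off. A request-supplied id, or a `boolean`/`char` value (both appear to fall under `PrimitiveType`/`BoxedType`), that reaches a session attribute without validation is still remote data crossing the trust boundary, so the query will now stay silent on those cases. I would put a comment above the new lines, for example `// Numeric, primitive and boxed values are treated as sanitized by default to reduce noise; unvalidated ids or flags stored in the session are therefore not reported.` The diffstat shows only the `.qll` changing, so as far as this patch shows, no test case pins the new barrier; one with a parsed `int` reaching the sink would confirm the intended result. The enclosing `TrustBoundaryConfig` module continues outside the hunk.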