Consider File.exists() et al a path-injection sink

java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected

@@ -4,6 +4,7 @@ edges
 | FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath |
 | FilePathInjection.java:177:50:177:58 | file : File | FilePathInjection.java:182:30:182:33 | file |
 | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath : String |
+| FilePathInjection.java:209:15:209:32 | new File(...) : File | FilePathInjection.java:210:23:210:26 | file |
 | FilePathInjection.java:209:15:209:32 | new File(...) : File | FilePathInjection.java:217:19:217:22 | file : File |
 | FilePathInjection.java:209:24:209:31 | filePath : String | FilePathInjection.java:209:15:209:32 | new File(...) : File |
 | FilePathInjection.java:217:19:217:22 | file : File | FilePathInjection.java:177:50:177:58 | file : File |
@@ -19,6 +20,7 @@ nodes
 | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | semmle.label | getParameter(...) : String |
 | FilePathInjection.java:209:15:209:32 | new File(...) : File | semmle.label | new File(...) : File |
 | FilePathInjection.java:209:24:209:31 | filePath : String | semmle.label | filePath : String |
+| FilePathInjection.java:210:23:210:26 | file | semmle.label | file |
 | FilePathInjection.java:217:19:217:22 | file : File | semmle.label | file : File |
 subpaths
 #select
@@ -26,3 +28,4 @@ subpaths
 | FilePathInjection.java:72:47:72:59 | finalFilePath | FilePathInjection.java:64:21:64:34 | getPara(...) : String | FilePathInjection.java:72:47:72:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:64:21:64:34 | getPara(...) | user-provided value |
 | FilePathInjection.java:95:47:95:59 | finalFilePath | FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:87:21:87:34 | getPara(...) | user-provided value |
 | FilePathInjection.java:182:30:182:33 | file | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:182:30:182:33 | file | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value |
+| FilePathInjection.java:210:23:210:26 | file | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:210:23:210:26 | file | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value |

java/ql/test/library-tests/neutrals/neutralsinks/Test.java

@@ -14,11 +14,9 @@ public class Test {
 
         // java.io
         File file = null;
-        file.exists(); // $ isNeutralSink
         file.compareTo(null); // $ isNeutralSink
 
         // java.nio.file
-        Files.exists(null, (LinkOption[])null); // $ isNeutralSink
         Files.getLastModifiedTime(null, (LinkOption[])null); // $ isNeutralSink
         Files.getOwner(null, (LinkOption[])null); // $ isNeutralSink
         Files.getPosixFilePermissions(null, (LinkOption[])null); // $ isNeutralSink
@@ -30,7 +28,6 @@ public class Test {
         Files.isSameFile(null, null); // $ isNeutralSink
         Files.isSymbolicLink(null); // $ isNeutralSink
         Files.isWritable(null); // $ isNeutralSink
-        Files.notExists(null, (LinkOption[])null); // $ isNeutralSink
         Files.setLastModifiedTime(null, null); // $ isNeutralSink
         Files.size(null); // $ isNeutralSink