Don't consider subtypes of fields

Author: atorralba

java/ql/test/library-tests/dataflow/entrypoint-types/EntryPointTypesTest.java

@@ -33,6 +33,14 @@ public K getField8() {
         }
     }
 
+    static class ChildObject extends ParameterizedTestObject<TestObject, Object> {
+        public Object field9;
+    }
+
+    class UnrelatedObject {
+        public String safeField;
+    }
+
     private static void sink(String sink) {}
 
     public static void test(TestObject source) {
@@ -50,4 +58,16 @@ public static void testParameterized(
         sink(source.getField8().field4); // $hasTaintFlow
         sink(source.getField8().getField5()); // $hasTaintFlow
     }
+
+    public static void testSubtype(ParameterizedTestObject<?, ?> source) {
+        ChildObject subtypeSource = (ChildObject) source;
+        sink(subtypeSource.field6); // $hasTaintFlow
+        sink(subtypeSource.field7.field1); // $hasTaintFlow
+        sink(subtypeSource.field7.getField2()); // $hasTaintFlow
+        sink((String) subtypeSource.getField8()); // $hasTaintFlow
+        sink((String) subtypeSource.field9); // $hasTaintFlow
+        // Ensure that we are not tainting every subclass of Object
+        UnrelatedObject unrelated = (UnrelatedObject) subtypeSource.getField8();
+        sink(unrelated.safeField); // Safe
+    }
 }