Create DefaultTaintSanitizer

Author: owen-mc

java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll

@@ -155,12 +155,19 @@ private module Cached {
     any(AdditionalTaintStep a).step(src, sink) and model = "AdditionalTaintStep"
   }
 
+  /**
+   * A sanitizer in all global taint flow configurations but not in local taint.
+   */
+  cached
+  abstract class DefaultTaintSanitizer extends DataFlow::Node { }
+
   /**
    * Holds if `node` should be a sanitizer in all global taint flow configurations
    * but not in local taint.
    */
   cached
   predicate defaultTaintSanitizer(DataFlow::Node node) {
+    node instanceof DefaultTaintSanitizer or
     // Ignore paths through test code.
     node.getEnclosingCallable().getDeclaringType() instanceof NonSecurityTestClass or
     node.asExpr() instanceof ValidatedVariableAccess