Predicate unsafeDeserialization
Holds if ma is a call that deserializes data from sink.
Note that this does not include deserialization methods that have been specified using models-as-data.
Import path
import semmle.code.java.security.UnsafeDeserializationQuerypredicate unsafeDeserialization(MethodCall ma, Expr sink)