Java: Add exec sinks with array arguments.

java/ql/src/Security/CWE/CWE-078/ExecTainted.ql

@@ -17,7 +17,7 @@ import semmle.code.java.security.ExternalProcess
 import ExecCommon
 import DataFlow::PathGraph
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, StringArgumentToExec execArg
+from DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg
 where execTainted(source, sink, execArg)
 select execArg, source, sink, "$@ flows to here and is used in a command.", source.getNode(),
   "User-provided value"

java/ql/src/Security/CWE/CWE-078/ExecTaintedLocal.ql

@@ -29,7 +29,7 @@ class LocalUserInputToArgumentToExecFlowConfig extends TaintTracking::Configurat
 }
 
 from
-  DataFlow::PathNode source, DataFlow::PathNode sink, StringArgumentToExec execArg,
+  DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg,
   LocalUserInputToArgumentToExecFlowConfig conf
 where conf.hasFlowPath(source, sink) and sink.getNode().asExpr() = execArg
 select execArg, source, sink, "$@ flows to here and is used in a command.", source.getNode(),