/**
 * @name 07_getNamespace
 */

import java

predicate isOgnlSink(Expr arg) {
  exists (Method m, MethodAccess ma
  | m.getName() = "compileAndExecute" and
    ma.getMethod() = m and
    arg = ma.getArgument(0))
}

/* Find calls to getNamespace. */
from Method m, Method n, MethodAccess ma
where
  m.getName() = "getNamespace" and
  m.getDeclaringType().getName() = "ActionProxy" and
  n.overrides*(m) and
  ma.getMethod() = n
select ma