Address review comments

Author: owen-mc

go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll

@@ -65,7 +65,12 @@ module LogInjection {
    */
   class ReplacerReplaceSanitizer extends Sanitizer {
     ReplacerReplaceSanitizer() {
-      this.(DataFlow::MethodCallNode).getTarget().hasQualifiedName("strings", "Replacer", "Replace")
+      exists(DataFlow::MethodCallNode call |
+        call.(DataFlow::MethodCallNode)
+            .getTarget()
+            .hasQualifiedName("strings", "Replacer", "Replace") and
+        this = call.getResult()
+      )
     }
   }
 

go/ql/lib/semmle/go/security/StringBreakCustomizations.qll

@@ -109,9 +109,7 @@ module StringBreak {
   class StringsNewReplacerCall extends DataFlow::CallNode {
     StringsNewReplacerCall() { this.getTarget().hasQualifiedName("strings", "NewReplacer") }
 
-    DataFlow::Node getAReplacedArgument() {
-      exists(int m, int n | m = 2 * n and n = m / 2 and result = getArgument(m))
-    }
+    DataFlow::Node getAReplacedArgument() { exists(int n | n % 2 = 0 and result = getArgument(n)) }
   }
 
   class StringsNewReplacerConfiguration extends DataFlow2::Configuration {
@@ -135,10 +133,14 @@ module StringBreak {
     Quote quote;
 
     ReplacerReplaceSanitizer() {
-      exists(StringsNewReplacerConfiguration config, DataFlow::Node source, DataFlow::Node sink |
+      exists(
+        StringsNewReplacerConfiguration config, DataFlow::Node source, DataFlow::Node sink,
+        DataFlow::MethodCallNode call
+      |
         config.hasFlow(source, sink) and
-        this.getTarget().hasQualifiedName("strings", "Replacer", "Replace") and
-        sink = this.getReceiver() and
+        call.getTarget().hasQualifiedName("strings", "Replacer", "Replace") and
+        sink = call.getReceiver() and
+        this = call.getResult() and
         quote = source.(StringsNewReplacerCall).getAReplacedArgument().getStringValue()
       )
     }