C++: Use the new predicate in 'ScanfChecks.qll'.

MathiasVP · MathiasVP · commit decede51dc1e · 2024-03-18T16:07:57.000Z
diff --git a/cpp/ql/src/Critical/ScanfChecks.qll b/cpp/ql/src/Critical/ScanfChecks.qll
@@ -11,7 +11,7 @@ private predicate exprInBooleanContext(Expr e) {
   exists(IRGuardCondition gc |
     exists(Instruction i |
       i.getUnconvertedResultExpression() = e and
-      gc.comparesEq(valueNumber(i).getAUse(), zero(), 0, _, _)
+      gc.comparesEq(valueNumber(i).getAUse(), 0, _, _)
     )
     or
     gc.getUnconvertedResultExpression() = e
@@ -36,18 +36,14 @@ private string getEofValue() {
   )
 }
 
-private ConstantInstruction getEofInstruction() { result.getValue() = getEofValue() }
-
-private Operand eof() { result.getDef() = getEofInstruction() }
-
 /**
  * Holds if the value of `call` has been checked to not equal `EOF`.
  */
 private predicate checkedForEof(ScanfFunctionCall call) {
   exists(IRGuardCondition gc |
     exists(Instruction i | i.getUnconvertedResultExpression() = call |
       // call == EOF
-      gc.comparesEq(valueNumber(i).getAUse(), eof(), 0, _, _)
+      gc.comparesEq(valueNumber(i).getAUse(), getEofValue().toInt(), _, _)
       or
       // call < 0 (EOF is guaranteed to be negative)
       gc.comparesLt(valueNumber(i).getAUse(), zero(), 0, true, _)
