C++: Add ComPtr MaD models

[MathiasVP]

This is (unsurprisingly) quite an important model to Microsoft.
I've tested it on a random Microsoft database I had locally, and the number of summary local flow steps goes up by ~11% 🎉

[Copilot]

Pull Request Overview

This PR adds MaD (Modeling as Data) models for Microsoft's ComPtr template class, which is a smart pointer used extensively in Windows development. The models enable proper data flow tracking through ComPtr operations, resulting in an ~11% increase in summary local flow steps on Microsoft codebases.

• Adds comprehensive MaD models for ComPtr constructors, methods, and operations
• Includes test coverage with taint flow scenarios for various ComPtr operations
• Updates expected test results to reflect the new data flow capabilities

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
cpp/ql/lib/ext/ComPtr.model.yml	Defines MaD models for ComPtr constructors, methods like Get/Detach/CopyTo, and data flow patterns
cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp	Adds comprehensive test cases for ComPtr taint tracking scenarios
cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected	Updates expected results for local taint flow tests
cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected	Updates expected MaD signature matching results
cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected	Updates model validation results

[jketema]

One small comment. Otherwise this LGTM, assuming DCA is happy.

[jketema]

This is using the template version right? I seem to be missing a test for the non-template, 1 argument version?

[MathiasVP]

Oh, yes you're right! We were in fact missing a model for that one (see 8c07a3e). I've fixed this in bebfe03

[MathiasVP]

DCA was uneventful (as expected since we dont have a lot of these things covered in DCA)