C++: Only use std::rand as a source of randomness.

Author: MathiasVP

cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql

@@ -18,16 +18,8 @@ import semmle.code.cpp.security.TaintTracking
 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 import TaintedWithPath
 
-string getAMinPattern() { result = ["%min%", "l%"] }
-
-string getAMaxPattern() { result = ["%max%", "%bound%", "h%"] }
-
 predicate isUnboundedRandCall(FunctionCall fc) {
-  exists(Function func | func = fc.getTarget() |
-    func.getName() = "rand" and
-    not bounded(fc) and
-    not func.getAParameter().getName().toLowerCase().matches([getAMinPattern(), getAMaxPattern()])
-  )
+  fc.getTarget().hasGlobalOrStdOrBslName("rand") and not bounded(fc)
 }
 
 /**