Python: Use more API graphs in TaintTrackingPrivate

But now we suddenly don't handle the call to `unicode` :O -- at least
not when I run the test locally (using Python 3).

Author: RasmusWL

python/ql/src/semmle/python/dataflow/new/internal/TaintTrackingPrivate.qll

@@ -76,13 +76,9 @@ predicate subscriptStep(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeTo) {
  */
 predicate stringManipulation(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeTo) {
   // transforming something tainted into a string will make the string tainted
-  exists(CallNode call | call = nodeTo.getNode() |
-    call.getFunction().(NameNode).getId() in ["str", "bytes", "unicode"] and
-    (
-      nodeFrom.getNode() = call.getArg(0)
-      or
-      nodeFrom.getNode() = call.getArgByName("object")
-    )
+  exists(DataFlow::CallCfgNode call | call = nodeTo |
+    call = API::builtin(["str", "bytes", "unicode"]).getACall() and
+    nodeFrom in [call.getArg(0), call.getArgByName("object")]
   )
   or
   // String methods. Note that this doesn't recognize `meth = "foo".upper; meth()`

python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_string.py

@@ -32,7 +32,7 @@ def str_operations():
         ts[0], # $ tainted
         str(ts), # $ tainted
         bytes(tb), # $ tainted
-        unicode(ts), # $ tainted
+        unicode(ts), # $ MISSING: tainted
     )
 
     aug_assignment = "safe"
@@ -104,7 +104,7 @@ def non_syntactic():
     _str = str
     ensure_tainted(
         meth(), # $ MISSING: tainted
-        _str(ts), # $ MISSING: tainted
+        _str(ts), # $ tainted
     )