Make query alert refer to AST nodes rather than CFG nodes.

Author: taus-semmle

python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql

@@ -25,7 +25,7 @@ FunctionObject temporary_name_function(string mod, string function) {
     result = any(ModuleObject m | m.getName() = mod).getAttribute(function)
 }
 
-from CallNode c, string mod, string function
+from Call c, string mod, string function
 where
-    temporary_name_function(mod, function).getACall() = c
+    temporary_name_function(mod, function).getACall().getNode() = c
 select c, "Call to deprecated function $@.$@ may be insecure.", mod, function

python/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected

@@ -1,3 +1,3 @@
-| InsecureTemporaryFile.py:5:16:5:23 | ControlFlowNode for mktemp() | Call to deprecated function $@.$@ may be insecure. | tempfile | mktemp |
-| InsecureTemporaryFile.py:11:16:11:27 | ControlFlowNode for Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tempnam |
-| InsecureTemporaryFile.py:17:16:17:26 | ControlFlowNode for Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tmpnam |
+| InsecureTemporaryFile.py:5:16:5:23 | mktemp() | Call to deprecated function $@.$@ may be insecure. | tempfile | mktemp |
+| InsecureTemporaryFile.py:11:16:11:27 | Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tempnam |
+| InsecureTemporaryFile.py:17:16:17:26 | Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tmpnam |