C++: Use the getSourceType predicate on RemoteFlowSources for better alert messages.

Author: MathiasVP

cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql

@@ -11,10 +11,11 @@
 import cpp
 import semmle.code.cpp.ir.dataflow.TaintTracking
 import semmle.code.cpp.security.ir.ExternalAPIs
+import semmle.code.cpp.security.FlowSources
 import DataFlow::PathGraph
 
 from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
 where config.hasFlowPath(source, sink)
 select sink, source, sink,
   "Call to " + sink.getNode().(ExternalAPIDataNode).getExternalFunction().toString() +
-    " with untrusted data from $@.", source, source.toString()
+    " with untrusted data from $@.", source, source.getNode().(RemoteFlowSource).getSourceType()