C++: Use [, ...] syntax more widely.

cpp/ql/src/Security/CWE/CWE-121/UnterminatedVarargsCall.ql

@@ -56,7 +56,7 @@ class VarargsFunction extends Function {
   }
 
   string normalTerminator(int cnt) {
-    (result = "0" or result = "-1") and
+    result = ["0", "-1"] and
     cnt = trailingArgValueCount(result) and
     2 * cnt > totalCount() and
     not exists(FunctionCall fc, int index |

cpp/ql/src/Security/CWE/CWE-676/DangerousUseOfCin.ql

@@ -66,19 +66,14 @@ class IFStream extends Type {
  */
 class CinVariable extends NamespaceVariable {
   CinVariable() {
-    (
-      getName() = "cin" or
-      getName() = "wcin"
-    ) and
-    getNamespace().getName() = "std"
+    this.hasQualifiedName("std", ["cin", "wcin"])
   }
 }
 
 /** A call to `std::operator>>`. */
 class OperatorRShiftCall extends FunctionCall {
   OperatorRShiftCall() {
-    getTarget().getNamespace().getName() = "std" and
-    getTarget().hasName("operator>>")
+    getTarget().hasQualifiedName("std", "operator>>")
   }
 
   /*

cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql

@@ -14,12 +14,7 @@ import cpp
 
 predicate potentiallyDangerousFunction(Function f, string message) {
   exists(string name | f.hasGlobalName(name) |
-    (
-      name = "gmtime" or
-      name = "localtime" or
-      name = "ctime" or
-      name = "asctime"
-    ) and
+    name = ["gmtime", "localtime", "ctime", "asctime"] and
     message = "Call to " + name + " is potentially dangerous"
   )
 }

cpp/ql/src/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql

@@ -19,12 +19,7 @@ predicate worldWritableCreation(FileCreationExpr fc, int mode) {
 }
 
 predicate setWorldWritable(FunctionCall fc, int mode) {
-  exists(string name | fc.getTarget().getName() = name |
-    name = "chmod" or
-    name = "fchmod" or
-    name = "_chmod" or
-    name = "_wchmod"
-  ) and
+  fc.getTarget().getName() = ["chmod", "fchmod", "_chmod", "_wchmod"] and
   mode = fc.getArgument(1).getValue().toInt() and
   sets(mode, s_iwoth())
 }

cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll

@@ -31,11 +31,7 @@ predicate sets(int mask, int fields) { mask.bitAnd(fields) != 0 }
  * one of the `umask` family of functions.
  */
 private int umask(FunctionCall fc) {
-  exists(string name | name = fc.getTarget().getName() |
-    name = "umask" or
-    name = "_umask" or
-    name = "_umask_s"
-  ) and
+  fc.getTarget().getName() = ["umask", "_umask", "_umask_s"] and
   result = fc.getArgument(0).getValue().toInt()
 }
 
@@ -89,11 +85,7 @@ abstract class FileCreationExpr extends FunctionCall {
 
 class OpenCreationExpr extends FileCreationExpr {
   OpenCreationExpr() {
-    exists(string name | name = this.getTarget().getName() |
-      name = "open" or
-      name = "_open" or
-      name = "_wopen"
-    ) and
+    this.getTarget().getName() = ["open", "_open", "_wopen"] and
     sets(this.getArgument(1).getValue().toInt(), o_creat())
   }
 
@@ -134,14 +126,9 @@ private int fopenMode() {
 
 class FopenCreationExpr extends FileCreationExpr {
   FopenCreationExpr() {
-    exists(string name | name = this.getTarget().getName() |
-      name = "fopen" or
-      name = "_wfopen" or
-      name = "fsopen" or
-      name = "_wfsopen"
-    ) and
+    this.getTarget().getName() = ["fopen", "_wfopen", "fsopen", "_wfsopen"] and
     exists(string mode |
-      (mode = "w" or mode = "a") and
+      mode = ["w", "a"] and
       this.getArgument(1).getValue().matches(mode + "%")
     )
   }