From 8d3fc735ea8f52878e4f6030f706703cb8dcfeea Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Wed, 13 Mar 2024 17:03:00 +0000
Subject: [PATCH] C++: Fix compilation issue in UseAfterFree.qll.

---
 .../semmle/code/cpp/security/flowafterfree/UseAfterFree.qll  | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
index bea0b73b874..da21f51f35b 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
@@ -139,6 +139,7 @@ private module ParameterSinks {
 }
 
 private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplCommon
+private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate
 
 /**
  * Holds if `n` represents the expression `e`, and `e` is a pointer that is
@@ -149,11 +150,11 @@ private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplCommon
 predicate isUse(DataFlow::Node n, Expr e) {
   isUse0(e) and n.asExpr() = e
   or
-  exists(CallInstruction call, InitializeParameterInstruction init |
+  exists(DataFlowCall call, InitializeParameterInstruction init |
     n.asOperand().getDef().getUnconvertedResultExpression() = e and
     pragma[only_bind_into](init) = ParameterSinks::getAnAlwaysDereferencedParameter() and
     viableParamArg(call, DataFlow::instructionNode(init), n) and
     pragma[only_bind_out](init.getEnclosingFunction()) =
-      pragma[only_bind_out](call.getStaticCallTarget())
+      pragma[only_bind_out](call.asCallInstruction().getStaticCallTarget())
   )
 }