diff --git a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql
index c428b13843c..07aa5d90cf5 100644
--- a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql	
+++ b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql	
@@ -74,5 +74,5 @@ from
   DataFlow::PathNode sink1, DataFlow2::PathNode sink2
 where conf.hasFlowPath(source1, source2, sink1, sink2)
 // TODO: pull delta out and display it
-select sink1.getNode(), source1, sink1, "off-by one error allocated at $@ bounded by $@", source1,
+select sink1.getNode(), source1, sink1, "Off-by one error allocated at $@ bounded by $@.", source1,
   source1.toString(), sink2, sink2.toString()
diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql
index f323dc2957b..16f72da37b3 100644
--- a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql	
+++ b/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql	
@@ -33,5 +33,5 @@ from
   DataFlow::PathNode sink1, DataFlow2::PathNode sink2
 where conf.hasFlowPath(source1, source2, sink1, sink2)
 // TODO: pull delta out and display it
-select sink1.getNode(), source1, sink1, "overrunning write allocated at $@ bounded by $@", source1,
+select sink1.getNode(), source1, sink1, "Overrunning write allocated at $@ bounded by $@.", source1,
   source1.toString(), sink2, sink2.toString()
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected
index 1c82cfdd747..28950981ca2 100644
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected
@@ -29,5 +29,5 @@ nodes
 | test.cpp:35:21:35:23 | str indirection [string] | semmle.label | str indirection [string] |
 subpaths
 #select
-| test.cpp:26:18:26:23 | Load | test.cpp:18:19:18:24 | call to malloc | test.cpp:26:18:26:23 | Load | overrunning write allocated at $@ bounded by $@ | test.cpp:18:19:18:24 | call to malloc | call to malloc | test.cpp:26:31:26:39 | Convert | Convert |
-| test.cpp:30:18:30:23 | Load | test.cpp:18:19:18:24 | call to malloc | test.cpp:30:18:30:23 | Load | overrunning write allocated at $@ bounded by $@ | test.cpp:18:19:18:24 | call to malloc | call to malloc | test.cpp:30:31:30:39 | Convert | Convert |
+| test.cpp:26:18:26:23 | Load | test.cpp:18:19:18:24 | call to malloc | test.cpp:26:18:26:23 | Load | Overrunning write allocated at $@ bounded by $@. | test.cpp:18:19:18:24 | call to malloc | call to malloc | test.cpp:26:31:26:39 | Convert | Convert |
+| test.cpp:30:18:30:23 | Load | test.cpp:18:19:18:24 | call to malloc | test.cpp:30:18:30:23 | Load | Overrunning write allocated at $@ bounded by $@. | test.cpp:18:19:18:24 | call to malloc | call to malloc | test.cpp:30:31:30:39 | Convert | Convert |
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected
index 67ee7f25ae7..0a8a264fc3d 100644
--- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected
@@ -96,17 +96,17 @@ nodes
 | test.cpp:98:18:98:27 | call to mk_array_p indirection [p] | semmle.label | call to mk_array_p indirection [p] |
 subpaths
 #select
-| test.cpp:10:9:10:11 | Load | test.cpp:4:17:4:22 | call to malloc | test.cpp:10:9:10:11 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:4:17:4:22 | call to malloc | test.cpp:4:17:4:22 | call to malloc | test.cpp:5:25:5:28 | Load | test.cpp:5:25:5:28 | Load |
-| test.cpp:10:9:10:11 | Load | test.cpp:4:17:4:22 | call to malloc | test.cpp:10:9:10:11 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:4:17:4:22 | call to malloc | test.cpp:4:17:4:22 | call to malloc | test.cpp:9:26:9:29 | Load | test.cpp:9:26:9:29 | Load |
-| test.cpp:35:13:35:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:35:13:35:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:21:13:21:18 | call to malloc | test.cpp:21:13:21:18 | call to malloc | test.cpp:30:29:30:32 | Load | test.cpp:30:29:30:32 | Load |
-| test.cpp:35:13:35:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:35:13:35:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:21:13:21:18 | call to malloc | test.cpp:21:13:21:18 | call to malloc | test.cpp:34:30:34:33 | Load | test.cpp:34:30:34:33 | Load |
-| test.cpp:45:13:45:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:45:13:45:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:21:13:21:18 | call to malloc | test.cpp:21:13:21:18 | call to malloc | test.cpp:40:29:40:32 | Load | test.cpp:40:29:40:32 | Load |
-| test.cpp:45:13:45:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:45:13:45:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:21:13:21:18 | call to malloc | test.cpp:21:13:21:18 | call to malloc | test.cpp:44:30:44:33 | Load | test.cpp:44:30:44:33 | Load |
-| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:55:13:55:18 | call to malloc | test.cpp:55:13:55:18 | call to malloc | test.cpp:56:5:56:19 | Store | test.cpp:56:5:56:19 | Store |
-| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:55:13:55:18 | call to malloc | test.cpp:55:13:55:18 | call to malloc | test.cpp:56:5:56:19 | Store | test.cpp:56:5:56:19 | Store |
-| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:55:13:55:18 | call to malloc | test.cpp:55:13:55:18 | call to malloc | test.cpp:56:16:56:19 | Load | test.cpp:56:16:56:19 | Load |
-| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:55:13:55:18 | call to malloc | test.cpp:55:13:55:18 | call to malloc | test.cpp:58:29:58:32 | Load | test.cpp:58:29:58:32 | Load |
-| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:55:13:55:18 | call to malloc | test.cpp:55:13:55:18 | call to malloc | test.cpp:62:30:62:33 | Load | test.cpp:62:30:62:33 | Load |
-| test.cpp:83:14:83:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:83:14:83:14 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:69:14:69:19 | call to malloc | test.cpp:69:14:69:19 | call to malloc | test.cpp:82:31:82:34 | Load | test.cpp:82:31:82:34 | Load |
-| test.cpp:93:14:93:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:93:14:93:14 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:69:14:69:19 | call to malloc | test.cpp:69:14:69:19 | call to malloc | test.cpp:88:30:88:33 | Load | test.cpp:88:30:88:33 | Load |
-| test.cpp:93:14:93:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:93:14:93:14 | Load | off-by one error allocated at $@ bounded by $@ | test.cpp:69:14:69:19 | call to malloc | test.cpp:69:14:69:19 | call to malloc | test.cpp:92:31:92:34 | Load | test.cpp:92:31:92:34 | Load |
+| test.cpp:10:9:10:11 | Load | test.cpp:4:17:4:22 | call to malloc | test.cpp:10:9:10:11 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:4:17:4:22 | call to malloc | call to malloc | test.cpp:5:25:5:28 | Load | Load |
+| test.cpp:10:9:10:11 | Load | test.cpp:4:17:4:22 | call to malloc | test.cpp:10:9:10:11 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:4:17:4:22 | call to malloc | call to malloc | test.cpp:9:26:9:29 | Load | Load |
+| test.cpp:35:13:35:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:35:13:35:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:21:13:21:18 | call to malloc | call to malloc | test.cpp:30:29:30:32 | Load | Load |
+| test.cpp:35:13:35:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:35:13:35:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:21:13:21:18 | call to malloc | call to malloc | test.cpp:34:30:34:33 | Load | Load |
+| test.cpp:45:13:45:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:45:13:45:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:21:13:21:18 | call to malloc | call to malloc | test.cpp:40:29:40:32 | Load | Load |
+| test.cpp:45:13:45:13 | Load | test.cpp:21:13:21:18 | call to malloc | test.cpp:45:13:45:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:21:13:21:18 | call to malloc | call to malloc | test.cpp:44:30:44:33 | Load | Load |
+| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:55:13:55:18 | call to malloc | call to malloc | test.cpp:56:5:56:19 | Store | Store |
+| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:55:13:55:18 | call to malloc | call to malloc | test.cpp:56:5:56:19 | Store | Store |
+| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:55:13:55:18 | call to malloc | call to malloc | test.cpp:56:16:56:19 | Load | Load |
+| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:55:13:55:18 | call to malloc | call to malloc | test.cpp:58:29:58:32 | Load | Load |
+| test.cpp:63:13:63:13 | Load | test.cpp:55:13:55:18 | call to malloc | test.cpp:63:13:63:13 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:55:13:55:18 | call to malloc | call to malloc | test.cpp:62:30:62:33 | Load | Load |
+| test.cpp:83:14:83:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:83:14:83:14 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:69:14:69:19 | call to malloc | call to malloc | test.cpp:82:31:82:34 | Load | Load |
+| test.cpp:93:14:93:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:93:14:93:14 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:69:14:69:19 | call to malloc | call to malloc | test.cpp:88:30:88:33 | Load | Load |
+| test.cpp:93:14:93:14 | Load | test.cpp:69:14:69:19 | call to malloc | test.cpp:93:14:93:14 | Load | Off-by one error allocated at $@ bounded by $@. | test.cpp:69:14:69:19 | call to malloc | call to malloc | test.cpp:92:31:92:34 | Load | Load |