C++: Fix SnprintfOverflow issues

Requiring strict inclusion between types turned out to cause false
positives in `SnprintfOverflow`, which relied indirectly on
`RangeAnalysisUtils::linearAccessImpl` to identify acceptable bounds
checks. This query was particularly affected because `snprintf` returns
`int` (signed) but takes `size_t` (unsigned), so conversions are bound
to happen.
Jonas Jensen
2019-04-09 11:01:06 +02:00
parent 93286aabdf
commit fd4967e6f1
2 changed files with 4 additions and 3 deletions

@@ -209,8 +209,10 @@ predicate linearAccessImpl(Expr expr, VariableAccess v, float p, float q) {
| linearAccess(cast.getExpr(), v, p, q) and
sourceType = cast.getExpr().getType().getUnspecifiedType() and
targetType = cast.getType().getUnspecifiedType() and
typeLowerBound(targetType) <= typeLowerBound(sourceType) and
typeUpperBound(targetType) >= typeUpperBound(sourceType) and
// This allows conversion between signed and unsigned, which is technically
// lossy but common enough that we'll just have to assume the user knows
// what they're doing.
targetType.getSize() >= sourceType.getSize() and
expr = cast)
or
// (p*v+q) == p*v + q
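Review bot: the relaxed condition `targetType.getSize() >= sourceType.getSize()` accepts every same-size signed-to-unsigned cast, and the comment above it calls this "technically lossy" without saying what is lost: a negative source value (for instance a negative `int` from `snprintf` on error) is mapped to a large positive `size_t`, so a bound that `linearAccessImpl` derives through such a cast is only sound when the source value is non-negative. Please spell that assumption out in the comment and in the QLDoc of `linearAccessImpl`, since the replaced `typeLowerBound`/`typeUpperBound` checks used to encode it and callers such as `SnprintfOverflow` now rely on it implicitly.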