C++: Fix use-after-cast bug in SimpleRangeAnalysis

Like everywhere else in the range analysis, operands to comparison
operators must be considered in their fully-converted form.

Author: jbj

cpp/ql/src/semmle/code/cpp/rangeanalysis/RangeAnalysisUtils.qll

@@ -47,8 +47,8 @@ predicate relOp(
   RelationalOperation rel, Expr lhs, Expr rhs,
   RelationDirection dir, RelationStrictness strict
 ) {
-  lhs = rel.getLeftOperand() and
-  rhs = rel.getRightOperand() and
+  lhs = rel.getLeftOperand().getFullyConverted() and
+  rhs = rel.getRightOperand().getFullyConverted() and
   ((rel instanceof LTExpr and dir = Lesser()  and strict = Strict()) or
    (rel instanceof LEExpr and dir = Lesser()  and strict = Nonstrict()) or
    (rel instanceof GTExpr and dir = Greater() and strict = Strict()) or
@@ -104,8 +104,8 @@ predicate relOpWithSwapAndNegate(
  */
 private
 predicate eqOp(EqualityOperation cmp, Expr lhs, Expr rhs, boolean isEQ) {
-  lhs = cmp.getLeftOperand() and
-  rhs = cmp.getRightOperand() and
+  lhs = cmp.getLeftOperand().getFullyConverted() and
+  rhs = cmp.getRightOperand().getFullyConverted() and
   ((cmp instanceof EQExpr and isEQ = true) or
    (cmp instanceof NEExpr and isEQ = false))
 }

cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/test.cpp

@@ -74,7 +74,7 @@ void use_after_cast(unsigned char c)
   unsigned short c_times_2 = c + c;
   if ((unsigned char)c_times_2 == 0)
   {
-    c_times_2; // BUG: upper bound should be 510, not 0
+    c_times_2;
   }
-  c_times_2; // BUG: upper bound should be 510, not 255
+  c_times_2;
 }

cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/upperBound.expected

@@ -462,5 +462,5 @@
 | test.cpp:74:30:74:30 | c | 255.0 |
 | test.cpp:74:34:74:34 | c | 255.0 |
 | test.cpp:75:22:75:30 | c_times_2 | 510.0 |
-| test.cpp:77:5:77:13 | c_times_2 | 0.0 |
-| test.cpp:79:3:79:11 | c_times_2 | 255.0 |
+| test.cpp:77:5:77:13 | c_times_2 | 510.0 |
+| test.cpp:79:3:79:11 | c_times_2 | 510.0 |