CPP: Fix crement operations on pointers.

cpp/ql/src/semmle/code/cpp/security/Overflow.qll

@@ -63,7 +63,7 @@ predicate missingGuardAgainstOverflow(Operation e, VariableAccess use) {
   exists(LocalScopeVariable v | use.getTarget() = v |
     // overflow possible if large
     (e instanceof AddExpr and not guardedLesser(e, varUse(v))) or
-    (e instanceof IncrementOperation and not guardedLesser(e, varUse(v))) or     
+    (e instanceof IncrementOperation and not guardedLesser(e, varUse(v)) and v.getType().getUnspecifiedType() instanceof IntegralType) or     
     // overflow possible if large or small
     (e instanceof MulExpr and
       not (guardedLesser(e, varUse(v)) and guardedGreater(e, varUse(v))))
@@ -77,7 +77,7 @@ predicate missingGuardAgainstUnderflow(Operation e, VariableAccess use) {
     // underflow possible if use is left operand and small
     (use = e.(SubExpr).getLeftOperand() and not guardedGreater(e, varUse(v))) or
     // underflow possible if small
-    (e instanceof DecrementOperation and not guardedGreater(e, varUse(v))) or
+    (e instanceof DecrementOperation and not guardedGreater(e, varUse(v)) and v.getType().getUnspecifiedType() instanceof IntegralType) or
     // underflow possible if large or small
     (e instanceof MulExpr and
       not (guardedLesser(e, varUse(v)) and guardedGreater(e, varUse(v))))