lgtm: replace the query used for looking for fgets with a more general query

to make it easier to comlain about `strtok` :-)

Inspired by https://github.com/systemd/systemd/pull/11963, which, in turn,
was prompted by https://github.com/systemd/systemd/pull/11555.

.lgtm/cpp-queries/PotentiallyDangerousFunction.ql

@@ -0,0 +1,30 @@
+/**
+ * @name Use of potentially dangerous function
+ * @description Certain standard library functions are dangerous to call.
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @id cpp/potentially-dangerous-function
+ * @tags reliability
+ *       security
+ *
+ * Borrowed from
+ * https://github.com/Semmle/ql/blob/master/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
+ */
+import cpp
+
+predicate potentiallyDangerousFunction(Function f, string message) {
+  (
+    f.getQualifiedName() = "fgets" and
+    message = "Call to fgets is potentially dangerous. Use read_line() instead."
+  ) or (
+    f.getQualifiedName() = "strtok" and
+    message = "Call to strtok is potentially dangerous. Use extract_first_word() instead."
+  )
+}
+
+from FunctionCall call, Function target, string message
+where
+  call.getTarget() = target and
+  potentiallyDangerousFunction(target, message)
+select call, message

.lgtm/cpp-queries/fgets.ql

@@ -1,21 +0,0 @@
-/**
- * @name Use of fgets()
- * @description fgets() is dangerous to call. Use read_line() instead.
- * @kind problem
- * @problem.severity error
- * @precision high
- * @id cpp/fgets
- * @tags reliability
- *       security
- */
-import cpp
-
-predicate dangerousFunction(Function function) {
-  exists (string name | name = function.getQualifiedName() |
-    name = "fgets")
-}
-
-from FunctionCall call, Function target
-where call.getTarget() = target
-  and dangerousFunction(target)
-select call, target.getQualifiedName() + " is potentially dangerous"