When no type info exists - use variable names for fqn

[OrenGitHub]

dynamic languages are often without any type information.

//                 +++ the name req is informative ! use it !
app.post('/vuln', (req, res) => { ... });

Instead of having a lorem ipsum ( below as blah ) use the actual name:

2178             "from": {
2179                 "contents": {
2180                     "tmpVariableFqn": {
2181                         "content": "blah.query" <--- use req instead of blah ...
2182                     },
2183                     "tmpVariableLocation": {
2184                         "colEnd": 22,
2185                         "colStart": 14,
2186                         "filename": "workdir/73412fec1a87a2a7fd9caff0c5bfd92dc3e83052b9ec95965646643062295ea6/usr/app/main.js",
2187                         "lineEnd": 17,
2188                         "lineStart": 17
2189                     }
2190                 },
2191                 "tag": "TmpVariableCtor"
2192             },
2193             "to": {
2194                 "contents": {
2195                     "tmpVariableFqn": {
2196                         "content": "blah.query.evilCode" <--- use req instead of blah ...
2197                     },
2198                     "tmpVariableLocation": {
2199                         "colEnd": 31,
2200                         "colStart": 14,
2201                         "filename": "workdir/73412fec1a87a2a7fd9caff0c5bfd92dc3e83052b9ec95965646643062295ea6/usr/app/main.js",
2202                         "lineEnd": 17,
2203                         "lineStart": 17
2204                     }
2205                 },
2206                 "tag": "TmpVariableCtor"
2207             }

[OrenGitHub]

• [x] delegate to codegen

[OrenGitHub]

delegated to codegen here