CodeQL library for C#
codeql/csharp-all 0.4.5 (changelog, source)

Module ZipSlipQuery

Provides a taint tracking configuration for reasoning about unsafe zip extraction.

Import path

import semmle.code.csharp.security.dataflow.ZipSlipQuery

Imports

csharp

The default C# QL library.

Classes

ArchiveFullNameSource

An access to the FullName property of a ZipArchiveEntry.

ExtractToFileArgSink

An argument to the ExtractToFile extension method.

FileInfoArgSink

A path argument to a call to the FileStream constructor.

FileOpenArgSink

A path argument to a File.Open, File.OpenWrite, or File.Create method call.

FileStreamArgSink

A path argument to a call to the FileStream constructor.

GetFileNameSanitizer

A call to GetFileName.

Sanitizer

A sanitizer for unsafe zip extraction.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A data flow sink for unsafe zip extraction.

Source

A data flow source for unsafe zip extraction.

StringCheckSanitizer

A call to String.StartsWith() that indicates that the tainted path value is being validated to ensure that it occurs within a permitted output path.

SubstringSanitizer

A call to Substring.

TaintTrackingConfiguration

A taint tracking configuration for Zip Slip.