For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

ZipSlipQuery

Module ZipSlipQuery

Provides a taint tracking configuration for reasoning about unsafe zip extraction.


                                import semmle.code.csharp.security.dataflow.ZipSlipQuery

The default C# QL library.

ArchiveFullNameSource	An access to the `FullName` property of a `ZipArchiveEntry`.
ExtractToFileArgSink	An argument to the `ExtractToFile` extension method.
FileInfoArgSink	A path argument to a call to the `FileStream` constructor.
FileOpenArgSink	A path argument to a `File.Open`, `File.OpenWrite`, or `File.Create` method call.
FileStreamArgSink	A path argument to a call to the `FileStream` constructor.
GetFileNameSanitizer	A call to `GetFileName`.
Sanitizer	A sanitizer for unsafe zip extraction.
SanitizerGuard	DEPRECATED: Use `Sanitizer` instead.
Sink	A data flow sink for unsafe zip extraction.
Source	A data flow source for unsafe zip extraction.
StringCheckSanitizer	A call to `String.StartsWith()` that indicates that the tainted path value is being validated to ensure that it occurs within a permitted output path.
SubstringSanitizer	A call to `Substring`.
TaintTrackingConfiguration	DEPRECATED: Use `ZipSlip` instead.

A taint tracking module for Zip Slip.