CodeQL library for C#
codeql/csharp-all 5.1.6 (changelog, source)
Index
Search

Module ZipSlipQuery

Provides a taint tracking configuration for reasoning about unsafe zip extraction.

Import path

import semmle.code.csharp.security.dataflow.ZipSlipQuery

Imports

csharp

The default C# QL library.

Classes

ArchiveFullNameSource

An access to the FullName property of a ZipArchiveEntry.

ExtractToFileArgSink

An argument to the ExtractToFile extension method.

FileInfoArgSink

A path argument to a call to the FileStream constructor.

FileOpenArgSink

A path argument to a File.Open, File.OpenWrite, or File.Create method call.

FileStreamArgSink

A path argument to a call to the FileStream constructor.

GetFileNameSanitizer

A call to GetFileName.

Sanitizer

A sanitizer for unsafe zip extraction.

Sink

A data flow sink for unsafe zip extraction.

Source

A data flow source for unsafe zip extraction.

StringCheckSanitizer

A call to String.StartsWith() that indicates that the tainted path value is being validated to ensure that it occurs within a permitted output path.

SubstringSanitizer

A call to Substring.

Aliases

ZipSlip

A taint tracking module for Zip Slip.