CodeQL library for C#

codeql/csharp-all 0.9.0 (changelog, source)

Module ZipSlipQuery

Provides a taint tracking configuration for reasoning about unsafe zip extraction.

Import path

import semmle.code.csharp.security.dataflow.ZipSlipQuery

Imports

The default C# QL library.

Classes

ArchiveFullNameSource	An access to the `FullName` property of a `ZipArchiveEntry`.
ExtractToFileArgSink	An argument to the `ExtractToFile` extension method.
FileInfoArgSink	A path argument to a call to the `FileStream` constructor.
FileOpenArgSink	A path argument to a `File.Open`, `File.OpenWrite`, or `File.Create` method call.
FileStreamArgSink	A path argument to a call to the `FileStream` constructor.
GetFileNameSanitizer	A call to `GetFileName`.
Sanitizer	A sanitizer for unsafe zip extraction.
Sink	A data flow sink for unsafe zip extraction.
Source	A data flow source for unsafe zip extraction.
StringCheckSanitizer	A call to `String.StartsWith()` that indicates that the tainted path value is being validated to ensure that it occurs within a permitted output path.
SubstringSanitizer	A call to `Substring`.
TaintTrackingConfiguration	DEPRECATED: Use `ZipSlip` instead.

Aliases

A taint tracking module for Zip Slip.