Module TaintedPath

A check of the form !strings.Contains(nd, ".."), considered as a sanitizer guard for path traversal.

A replacement of the form !strings.ReplaceAll(nd, "..") or !strings.ReplaceAll(nd, "."), considered as a sanitizer for path traversal.

A call to filepath.Clean("/" + e), considered to sanitize e against path traversal.

A call to filepath.Rel, considered as a sanitizer for path traversal.

A call of the form filepath.IsLocal(path) considered as a sanitizer guard for path.

A read from the field Filename of the type mime/multipart.FileHeader, considered as a sanitizer for path traversal.

A call to mime/multipart.Part.FileName, considered as a sanitizer against path traversal.

A call to mux.Vars(path), considered to sanitize path against path traversal. Only enabled when SkipClean is not set true.

A numeric- or boolean-typed node, considered a sanitizer for path traversal.

A path expression, considered as a taint sink for path traversal.

A node nd guarded by a check that ensures it is contained within some root folder, considered as a sanitizer for path traversal.

A call of the form strings.HasPrefix(path, ...) considered as a sanitizer guard for path.

A call to a regexp match function, considered as a sanitizer guard for paths.

A sanitizer for path-traversal vulnerabilities.

A sanitizer guard for path-traversal vulnerabilities.

A data flow sink for path-traversal vulnerabilities.

A data flow source for path-traversal vulnerabilities.

DEPRECATED: Use ActiveThreatModelSource or Source instead.