CodeQL library for Go
codeql/go-all 0.7.15-dev (changelog, source)
Index
Search

Module UnsafeUnzipSymlink

Provides taint tracking configurations for reasoning about unsafe extraction of symlinks from archive files.

Note: for performance reasons, only import this file if UnsafeUnzipSymlink::EvalSymlinksConfiguration and/or UnsafeUnzipSymlink::SymlinkConfiguration is needed, otherwise UnsafeUnzipSymlinkCustomizations should be imported instead.

Import path

import semmle.go.security.UnsafeUnzipSymlink

Imports

go

Provides classes for working with Go programs.

Modules

UnsafeUnzipSymlink

Provides a taint tracking configuration for reasoning about zip-slip vulnerabilities.