Module UnsafeUnzipSymlink
Provides extension points for customizing the taint tracking configuration for reasoning about zip-slip vulnerabilities.
Import path
import semmle.go.security.UnsafeUnzipSymlinkCustomizations
Classes
EvalSymlinksInvalidator | A data-flow sanitizer that prevents reaching an |
EvalSymlinksSink | A data flow sink at which symbolic links are resolved. |
FileNameSource | A file name from a zip or tar entry, as a source for unsafe unzipping of symlinks. |
FilenameWithSymlinks | A data-flow source of filenames that may contain unresolved symbolic links. |
OsSymlink | An argument to a call to |
StdlibSymlinkResolvers | An argument to |
SymlinkSanitizer | A sanitizer for an unsafe symbolic-link unzip vulnerability. |
SymlinkSink | A data flow sink for an unsafe symbolic-link unzip vulnerability. |