Module ZipSlip
Provides extension points for customizing the taint tracking configuration for reasoning about zip-slip vulnerabilities.
Import path
import semmle.go.security.ZipSlipCustomizations
Classes
Sanitizer | A sanitizer for zip-slip vulnerabilities. |
Sink | A data flow sink for zip-slip vulnerabilities. |
Source | A data flow source for zip-slip vulnerabilities. |
TaintedPathSanitizerAsSanitizer | A path-traversal sanitizer, considered as a sanitizer for zip slip. |
TaintedPathSanitizerGuardAsBacktrackingSanitizerGuard | A sanitizer guard for zip-slip vulnerabilities which backtracks to sanitize expressions that locally flow into a guarded expression. For example, an ordinary sanitizer guard might say that in |
TaintedPathSinkAsSink | A path-traversal sink, considered as a taint sink for zip slip. |
TarHeaderSource | A tar file header, as a source for zip slip. |
ZipFileOpen | A zipped file, excluded from for zip slip. |
ZipHeaderSource | A zip file header, as a source for zip slip. |