CodeQL library for Go
codeql/go-all 0.7.14 (changelog, source)

Module ZipSlip

Provides extension points for customizing the taint tracking configuration for reasoning about zip-slip vulnerabilities.

Import path

import semmle.go.security.ZipSlipCustomizations

Classes

Sanitizer

A sanitizer for zip-slip vulnerabilities.

Sink

A data flow sink for zip-slip vulnerabilities.

Source

A data flow source for zip-slip vulnerabilities.

TaintedPathSanitizerAsSanitizer

A path-traversal sanitizer, considered as a sanitizer for zip slip.

TaintedPathSanitizerGuardAsBacktrackingSanitizerGuard

A sanitizer guard for zip-slip vulnerabilities which backtracks to sanitize expressions that locally flow into a guarded expression. For example, an ordinary sanitizer guard might say that in `if x { z := y }` the reference to `y` is sanitized because of the guard `x`; these guards say that if the function begins `f(p string) { w := filepath.Join(p); y := filepath.Dir(w) }` then both `p` and `w` are also sanitized as expressions that contributed taint to `y`.

TaintedPathSinkAsSink

A path-traversal sink, considered as a taint sink for zip slip.

TarHeaderSource

A tar file header, as a source for zip slip.

ZipFileOpen

A zipped file, excluded from zip slip.

ZipHeaderSource

A zip file header, as a source for zip slip.
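
The Go pattern these classes reason about, as an added example that is not part of the CodeQL library or its documentation: an entry name read from a zip header (the source) is joined onto a destination directory, and a containment check guards the path before it would reach a file-system call (the sink). The names `safeTarget`, `buildArchive` and `planExtraction` are hypothetical, the archive is constructed in memory, and whether the library's sanitizer classes recognize this exact check is an assumption.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path/filepath"
	"strings"
)

// safeTarget joins an entry name onto destDir and rejects results outside it.
func safeTarget(destDir, entryName string) (string, error) {
	root := filepath.Clean(destDir)
	target := filepath.Join(root, entryName) // Join also cleans ".." segments
	if !strings.HasPrefix(target, root+string(filepath.Separator)) { // separator stops "/tmp/out-evil"
		return "", fmt.Errorf("entry %q escapes %s", entryName, root)
	}
	return target, nil
}

// buildArchive returns a constructed in-memory zip holding empty entries.
func buildArchive(names ...string) []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for _, n := range names {
		w.Create(n) // the writer does not validate entry names
	}
	w.Close()
	return buf.Bytes()
}

// planExtraction sorts entries into accepted targets and rejected names; no disk writes.
func planExtraction(archive []byte, destDir string) (ok, rejected []string, err error) {
	r, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if err != nil && err != zip.ErrInsecurePath { // that error still comes with a usable reader
		return nil, nil, err
	}
	for _, f := range r.File {
		if t, e := safeTarget(destDir, f.Name); e != nil { // f.Name is untrusted header data
			rejected = append(rejected, f.Name)
		} else {
			ok = append(ok, t)
		}
	}
	return ok, rejected, nil
}

func main() {
	fmt.Println(planExtraction(buildArchive("docs/readme.txt", "../../etc/cron.d/job", "../out-evil/x"), "/tmp/out"))
}
```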