Module ZipSlipQuery
Provides dataflow configurations to be used in ZipSlip queries.
Import path
import semmle.code.java.security.ZipSlipQueryImports
| PathSanitizer | Provides classes and predicates to reason about sanitization of path injection vulnerabilities. |
| TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
| java | Provides all default Java QL imports. |
Modules
| ZipSlipConfig | A taint-tracking configuration for reasoning about unsafe zip file extraction. |
Aliases
| ZipSlipFlow | Tracks flow from archive entries to file creation. |