Provides default sources, sinks and sanitizers for detecting “tar slip” vulnerabilities, as well as extension points for adding your own.
A sanitizer based on file name. This is because we extract the standard library.
A sink capturing method calls to
An argument to
A sanitizer for “tar slip” vulnerabilities.
A data flow sink for “tar slip” vulnerabilities.
A data flow source for “tar slip” vulnerabilities.
A sanitizer guard heuristic.
A call to