hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update ZipSlip.ql

Browse Source
This commit is contained in:
Ahmed Farid
2022-03-11 14:13:28 +01:00
committed by GitHub
parent 0de1cef26e
commit eb71cdf7a2
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python/ql/src/experimental/Security/CWE-022/ZipSlip.ql
View File

@@ -16,9 +16,8 @@ import python
import experimental.semmle.python.security.ZipSlip
import DataFlow::PathGraph
from ZipSlipConfig config, DataFlow::PathNode source,
DataFlow::PathNode sink
from ZipSlipConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Extraction of zipfile from $@", source.getNode(),
"a potentially untrusted source"