hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
aa2a49d1898043e57c391d7abc1d9c3e3b5b51a2
codeql/javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/TarSlipBad.js

19 lines
387 B
JavaScript
Raw Blame History

const fs = require('fs');
const tar = require('tar-stream');
const extract = tar.extract();
extract.on('entry', (header, stream, next) => {
const out = fs.createWriteStream(header.name);
stream.pipe(out);
stream.on('end', () => {
next();
})
stream.resume();
})
extract.on('finish', () => {
console.log('finished');
});
fs.createReadStream('./bad.tar').pipe(extract);
Reference in New Issue View Git Blame Copy Permalink