Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 27b9d6c

Browse files
ahmed-farid-devahmed-farid-dev
authored
Update ZipSlip.qll
1 parent 23bd53a commit 27b9d6c

1 file changed

Lines changed: 5 additions & 2 deletions

File tree

  • python/ql/src/experimental/semmle/python/security

python/ql/src/experimental/semmle/python/security/ZipSlip.qll

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,11 @@ class ZipSlipConfig extends TaintTracking::Configuration {
99
override predicate isSource(DataFlow::Node source) {
1010
source = API::moduleImport("zipfile").getMember("ZipFile").getACall() or
1111
source = API::moduleImport("tarfile").getMember("open").getACall() or
12-
source = API::moduleImport("gzip").getMember("open").getACall() or
13-
source = API::moduleImport("bz2").getMember("open").getACall()
12+
source = API::moduleImport("tarfile").getMember("TarFile").getACall() or
13+
source = API::moduleImport("bz2").getMember("open").getACall() or
14+
source = API::moduleImport("bz2").getMember("BZ2File").getACall() or
15+
source = API::moduleImport("gzip").getMember("GzipFile").getACall() or
16+
source = API::moduleImport("gzip").getMember("open").getACall()
1417
}
1518

1619
override predicate isSink(DataFlow::Node sink) {

0 commit comments

Comments
 (0)