C#: Re-factor ZipSlip to use the new API.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/security/dataflow/ZipSlipQuery.qll

@@ -27,8 +27,12 @@ abstract class Sanitizer extends DataFlow::ExprNode { }
  */
 abstract deprecated class SanitizerGuard extends DataFlow::BarrierGuard { }
 
-/** A taint tracking configuration for Zip Slip */
-class TaintTrackingConfiguration extends TaintTracking::Configuration {
+/**
+ * DEPRECATED: Use `ZipSlip` instead.
+ *
+ * A taint tracking configuration for Zip Slip.
+ */
+deprecated class TaintTrackingConfiguration extends TaintTracking::Configuration {
   TaintTrackingConfiguration() { this = "ZipSlipTaintTracking" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -42,6 +46,22 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
   }
 }
 
+/**
+ * A taint tracking configuration for Zip Slip.
+ */
+private module ZipSlipConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * A taint tracking module for Zip Slip.
+ */
+module ZipSlip = TaintTracking::Global<ZipSlipConfig>;
+
 /** An access to the `FullName` property of a `ZipArchiveEntry`. */
 class ArchiveFullNameSource extends Source {
   ArchiveFullNameSource() {

csharp/ql/src/Security Features/CWE-022/ZipSlip.ql

@@ -14,10 +14,10 @@
 
 import csharp
 import semmle.code.csharp.security.dataflow.ZipSlipQuery
-import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
+import ZipSlip::PathGraph
 
-from TaintTrackingConfiguration zipTaintTracking, DataFlow::PathNode source, DataFlow::PathNode sink
-where zipTaintTracking.hasFlowPath(source, sink)
+from ZipSlip::PathNode source, ZipSlip::PathNode sink
+where ZipSlip::flowPath(source, sink)
 select source.getNode(), source, sink,
   "Unsanitized archive entry, which may contain '..', is used in a $@.", sink.getNode(),
   "file system operation"