add "linkname" as a file-name-property for zip-slip

erik-krogh · erik-krogh · commit 71e7083dcb53 · 2020-05-14T09:06:23.000+02:00
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/ZipSlipCustomizations.qll b/javascript/ql/src/semmle/javascript/security/dataflow/ZipSlipCustomizations.qll
@@ -47,11 +47,13 @@ module ZipSlip {
     )
   }
 
-  /** Gets a property that is used to get the filename part of an archive entry. */
+  /** Gets a property that is used to get a filename part of an archive entry. */
   private string getAFilenameProperty() {
     result = "path" // Used by library 'unzip'.
     or
     result = "name" // Used by library 'tar-stream'.
+    or
+    result = "linkname" // linked file name, used by 'tar-stream'.
   }
 
   /** An archive entry path access, as a source for unsafe archive extraction. */

Original file line number	Diff line number	Diff line change
`@@ -47,11 +47,13 @@ module ZipSlip {`
`47`	`47`	`)`
`48`	`48`	`}`
`49`	`49`
`50`		`- /** Gets a property that is used to get the filename part of an archive entry. */`
	`50`	`+ /** Gets a property that is used to get a filename part of an archive entry. */`
`51`	`51`	`private string getAFilenameProperty() {`
`52`	`52`	`result = "path" // Used by library 'unzip'.`
`53`	`53`	`or`
`54`	`54`	`result = "name" // Used by library 'tar-stream'.`
	`55`	`+ or`
	`56`	`+ result = "linkname" // linked file name, used by 'tar-stream'.`
`55`	`57`	`}`
`56`	`58`
`57`	`59`	`/** An archive entry path access, as a source for unsafe archive extraction. */`