1 file changed, +4 -4 lines changed
csharp/ql/src/semmle/code/csharp/security/dataflow
@@ -98,7 +98,7 @@ module ZipSlip {
9898 }
9999
100100 /**
101- * An call to `GetFileName`.
101+ * A call to `GetFileName`.
102102 *
103103 * This is considered a sanitizer because it extracts just the file name, not the full path.
104104 */
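Review bot: The doc comment at new line 101 names the method as bare `GetFileName`, while the second hunk of this same change qualifies its method as `String.StartsWith`. For consistency, and so readers can tell which API the sanitizer models, consider qualifying this one with its declaring type as well. The article fix from "An call" to "A call" is correct.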
@@ -127,10 +127,10 @@ module ZipSlip {
127127 }
128128
129129 /**
130- * An expression which is guarded by a call to `StartsWith`.
130+ * An expression which is guarded by a call to `String. StartsWith`.
131131 *
132- * A call to a String method such as ` StartsWith` can indicate a check for a
133- * relative path, or a check against the destination folder for whitelisted/target path, etc .
132+ * A call to the method `String. StartsWith` can indicate the the tainted path value is being
133+ * validated to ensure that it occurs within a permitted output path.
134134 */
135135 class StringCheckSanitizer extends Sanitizer {
136136 StringCheckSanitizer ( ) {
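Review bot: New line 132 contains a duplicated word, "can indicate the the tainted path value"; it should read "can indicate that the tainted path value". The rewritten comment also describes the `StartsWith` guard only as something that "can indicate" validation, so it would help to state in the doc comment that this sanitizer assumes the check is a containment check against the output directory. A prefix comparison only establishes containment when the path has been canonicalized first, and the comment currently gives no hint of that assumption to someone tuning the query.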