PS: Add tests.

Author: MathiasVP

powershell/ql/test/query-tests/security/cwe-022/test.ps1

@@ -0,0 +1,29 @@
+Add-Type -AssemblyName System.IO.Compression.FileSystem
+
+$zip = [System.IO.Compression.ZipFile]::OpenRead("MyPath\to\archive.zip")
+
+foreach ($entry in $zip.Entries) {
+    $targetPath = Join-Path $extractPath $entry.FullName
+    $fullTargetPath = [System.IO.Path]::GetFullPath($targetPath)
+
+    [System.IO.Compression.ZipFileExtensions]::ExtractToFile($entry, $fullTargetPath) # BAD [NOT DETECTED]
+}
+
+foreach ($entry in $zip.Entries) {
+    $targetPath = Join-Path $extractPath $entry.FullName
+    $fullTargetPath = [System.IO.Path]::GetFullPath($targetPath)
+
+    $stream = [System.IO.File]::Open($fullTargetPath, 'Create') # BAD [NOT DETECTED]
+    $entry.Open().CopyTo($stream)
+    $stream.Close()
+}
+
+foreach ($entry in $zip.Entries) {
+    $targetPath = Join-Path $extractPath $entry.FullName
+    $fullTargetPath = [System.IO.Path]::GetFullPath($targetPath)
+
+    $extractRoot = [System.IO.Path]::GetFullPath($extractPath)
+    if ($fullTargetPath.StartsWith($extractRoot)) {
+        [System.IO.Compression.ZipFileExtensions]::ExtractToFile($entry, $fullTargetPath) # GOOD
+    }
+}

powershell/ql/test/query-tests/security/cwe-022/zipslip.expected

@@ -0,0 +1,3 @@
+edges
+subpaths
+#select

powershell/ql/test/query-tests/security/cwe-022/zipslip.qlref

@@ -0,0 +1 @@
+queries/security/cwe-022/ZipSlip.ql