flawfinder.1: Document that hitlists should be trusted to be loaded or diffed

David A. Wheeler 2014-07-19 20:42:37 -04:00
parent f980d02e2d
commit 564b78b98d
1 changed files with 6 additions and 0 deletions


@ -488,11 +488,13 @@ Save all resulting hits (the "hitlist") to F.
.TP
\fB\-\-loadhitlist=\fR\fIF\fR
Load the hitlist from F instead of analyzing source programs.
Do not load hitlists from untrusted sources.
.TP
\fB\-\-diffhitlist=\fR\fIF\fR
Show only hits (loaded or analyzed) not in F.
F was presumably created previously using \-\-savehitlist.
Do not diff hitlists from untrusted sources.
If the \-\-loadhitlist option is not provided, this will show the hits in
the analyzed source code files that were not previously stored in F.
If used along with \-\-loadhitlist, this will show the hits in the
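Review bot: the two new one-line warnings under \-\-loadhitlist and \-\-diffhitlist ("Do not load hitlists from untrusted sources." / "Do not diff hitlists from untrusted sources.") state the rule without the reason, so a reader of just these option entries cannot judge how serious it is. Suggest adding a short pointer to the section that explains the pickle-based format, e.g. "See the SECURITY section below; hitlists are Python pickle files and must be trusted.", so the option text and the later explanation stay consistent if either is edited.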
@ -912,6 +914,10 @@ COM1-COM9, and LPT1-LPT9, optionally followed by an extension
(e.g., ``com1.txt''), in any directory, and in any case
(Windows is case-insensitive).
.\" See 'Writing Secure Code' by Howard and LeBlanc, pg. 223
.PP
Do not load or diff hitlists from untrusted sources.
They are implemented using the Python pickle module, which is not
intended to be secure against erroneous or maliciously constructed data.
.SH BUGS
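Review bot: the added paragraph would be stronger if it named the consequence rather than only quoting the pickle caveat ("not intended to be secure against erroneous or maliciously constructed data"); a hitlist is unpickled on load and diff, and unpickling attacker-controlled data can execute arbitrary code, so users should understand that a hitlist is effectively code, not just data. Suggest one sentence to that effect, e.g. "Loading or diffing a hitlist deserializes it with pickle, which can run arbitrary code; treat hitlist files with the same care as source code or scripts." It may also be worth a brief note that a non-executable format (such as a plain JSON encoding of the hits) would remove this class of risk, if that is on the roadmap.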