author | 2017-07-08 16:51:27 +0100 | |
---|---|---|
committer | 2017-07-11 01:10:08 +0000 | |
commit | 1833897d18fe0930984215372e1343cff1531b61 (patch) | |
tree | 4a90c727423647490da1c09bc357009871254dce /deploy/client.py | |
parent | 264ec7332c84617e95f2b7336dcee1a413bc7e6b (diff) |
Utilize yaml.safe_load
The patch replaces instances of yaml.load with yaml.safe_load,
which is more secure because it blocks arbitrary code execution.
The following blog has a decent explanation:
https://www.kevinlondon.com/2015/08/15/dangerous-python-functions-pt2.html
Change-Id: I8201baab6cb31ab31228eca83134f87a57c2f5d2
Signed-off-by: lhinds <lhinds@redhat.com>
Diffstat (limited to 'deploy/client.py')
-rw-r--r-- | deploy/client.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/deploy/client.py b/deploy/client.py
index 810ac118..6d5daa38 100644
--- a/deploy/client.py
+++ b/deploy/client.py
@@ -740,11 +740,11 @@ class CompassClient(object):
 package_config['network_mapping'] = network_mapping
 assert(os.path.exists(CONF.network_cfg))
- network_cfg = yaml.load(open(CONF.network_cfg))
+ network_cfg = yaml.safe_load(open(CONF.network_cfg))
 package_config["network_cfg"] = network_cfg
 assert(os.path.exists(CONF.neutron_cfg))
- neutron_cfg = yaml.load(open(CONF.neutron_cfg))
+ neutron_cfg = yaml.safe_load(open(CONF.neutron_cfg))
 package_config["neutron_config"] = neutron_cfg
 """ |
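Review bot: Both new `yaml.safe_load(open(...))` calls still pass a file object that is never explicitly closed, so the handles for `CONF.network_cfg` and `CONF.neutron_cfg` are released only when the interpreter collects them. A `with` block closes them deterministically, e.g. `with open(CONF.network_cfg) as cfg_file:` followed by `network_cfg = yaml.safe_load(cfg_file)`, and likewise for `neutron_cfg`. `safe_load` returns `None` for an empty document, so `package_config["network_cfg"]` and `package_config["neutron_config"]` can end up `None` unless the result is checked before it is used. The `assert(os.path.exists(...))` guards on the context lines are stripped under `python -O`, so they should not be relied on as validation of the config paths. The enclosing CompassClient method starts and ends outside this hunk.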