From fd3040c8eaa96ed14a75fbd34e009da1e59dd947 Mon Sep 17 00:00:00 2001 From: SerenaFeng Date: Tue, 20 Sep 2016 14:59:28 +0800 Subject: Fix issues found in security review JIRA: QTIP-105 Change-Id: I08108a982f9059fd19b92df0d219fa8f13f288ad Signed-off-by: SerenaFeng --- func/env_setup.py | 2 +- func/spawn_vm.py | 2 +- restful_server/qtip_server.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/func/env_setup.py b/func/env_setup.py index 96f984cb..3697f235 100644 --- a/func/env_setup.py +++ b/func/env_setup.py @@ -174,7 +174,7 @@ class Env_setup: def parse(self, config_file_path): try: f_name = open(config_file_path, 'r+') - doc = yaml.load(f_name) + doc = yaml.safe_load(f_name) f_name.close() if doc['Scenario']['benchmark']: self.benchmark = doc['Scenario']['benchmark'] diff --git a/func/spawn_vm.py b/func/spawn_vm.py index 15c26861..5710308b 100644 --- a/func/spawn_vm.py +++ b/func/spawn_vm.py @@ -65,7 +65,7 @@ class SpawnVM(Env_setup): Heat_Dic = {} try: with open('./heat/SampleHeat.yaml', 'r+') as H_temp: - Heat_Dic = yaml.load(H_temp) + Heat_Dic = yaml.safe_load(H_temp) except yaml.YAMLError as exc: if hasattr(exc, 'problem_mark'): mark = exc.problem_mark diff --git a/restful_server/qtip_server.py b/restful_server/qtip_server.py index 00d598a0..67aadcd2 100644 --- a/restful_server/qtip_server.py +++ b/restful_server/qtip_server.py @@ -135,4 +135,4 @@ api.add_resource(JobList, '/api/v1.0/jobs') api.add_resource(Job, '/api/v1.0/jobs/') if __name__ == "__main__": - app.run(debug=True) + app.run() -- cgit 1.2.3-korg