From 683fb00d41ed6a0a353cb1738b29216c05cd976e Mon Sep 17 00:00:00 2001 From: Ross Brattain Date: Sat, 22 Jul 2017 15:15:13 -0700 Subject: replace yaml.load with yaml.safe_load yaml.safe_load is safer, obviously. anteater will check for this template_format use specialized constructor based on yaml.SafeLoader JIRA: YARDSTICK-760 Change-Id: Ia3b0b3aa0765385a0ee472a4d83f49d424b5a77f Signed-off-by: Ross Brattain --- yardstick/benchmark/core/plugin.py | 2 +- yardstick/benchmark/core/task.py | 4 ++-- yardstick/benchmark/core/testcase.py | 2 +- yardstick/benchmark/scenarios/availability/attacker/baseattacker.py | 2 +- yardstick/benchmark/scenarios/availability/monitor/basemonitor.py | 2 +- yardstick/benchmark/scenarios/availability/operation/baseoperation.py | 2 +- .../scenarios/availability/result_checker/baseresultchecker.py | 2 +- yardstick/common/template_format.py | 1 + 8 files changed, 9 insertions(+), 8 deletions(-) (limited to 'yardstick') diff --git a/yardstick/benchmark/core/plugin.py b/yardstick/benchmark/core/plugin.py index c8d0865d1..a741d5e74 100644 --- a/yardstick/benchmark/core/plugin.py +++ b/yardstick/benchmark/core/plugin.py @@ -153,7 +153,7 @@ class PluginParser(object): raise e print("Input plugin is:\n%s\n" % rendered_plugin) - cfg = yaml.load(rendered_plugin) + cfg = yaml.safe_load(rendered_plugin) except IOError as ioerror: sys.exit(ioerror) diff --git a/yardstick/benchmark/core/task.py b/yardstick/benchmark/core/task.py index b2da7a2ee..af508496f 100644 --- a/yardstick/benchmark/core/task.py +++ b/yardstick/benchmark/core/task.py @@ -411,7 +411,7 @@ class TaskParser(object): # pragma: no cover try: with open(self.path) as stream: - cfg = yaml.load(stream) + cfg = yaml.safe_load(stream) except IOError as ioerror: sys.exit(ioerror) @@ -475,7 +475,7 @@ class TaskParser(object): # pragma: no cover raise e print("Input task is:\n%s\n" % rendered_task) - cfg = yaml.load(rendered_task) + cfg = yaml.safe_load(rendered_task) except IOError as ioerror: sys.exit(ioerror) diff --git a/yardstick/benchmark/core/testcase.py b/yardstick/benchmark/core/testcase.py index 7b23b73aa..7ab1b08cf 100644 --- a/yardstick/benchmark/core/testcase.py +++ b/yardstick/benchmark/core/testcase.py @@ -69,7 +69,7 @@ class Testcase(object): def _parse_testcase(self, testcase_info): rendered_testcase = TaskTemplate.render(testcase_info) - testcase_cfg = yaml.load(rendered_testcase) + testcase_cfg = yaml.safe_load(rendered_testcase) test_precondition = testcase_cfg.get('precondition', {}) installer_type = test_precondition.get('installer_type', 'all') diff --git a/yardstick/benchmark/scenarios/availability/attacker/baseattacker.py b/yardstick/benchmark/scenarios/availability/attacker/baseattacker.py index 7b3d8b0be..a20b26396 100644 --- a/yardstick/benchmark/scenarios/availability/attacker/baseattacker.py +++ b/yardstick/benchmark/scenarios/availability/attacker/baseattacker.py @@ -56,7 +56,7 @@ class BaseAttacker(object): def __init__(self, config, context): if not BaseAttacker.attacker_cfgs: with open(attacker_conf_path) as stream: - BaseAttacker.attacker_cfgs = yaml.load(stream) + BaseAttacker.attacker_cfgs = yaml.safe_load(stream) self._config = config self._context = context diff --git a/yardstick/benchmark/scenarios/availability/monitor/basemonitor.py b/yardstick/benchmark/scenarios/availability/monitor/basemonitor.py index ba3370003..6165aba74 100644 --- a/yardstick/benchmark/scenarios/availability/monitor/basemonitor.py +++ b/yardstick/benchmark/scenarios/availability/monitor/basemonitor.py @@ -74,7 +74,7 @@ class BaseMonitor(multiprocessing.Process): def __init__(self, config, context, data): if not BaseMonitor.monitor_cfgs: with open(monitor_conf_path) as stream: - BaseMonitor.monitor_cfgs = yaml.load(stream) + BaseMonitor.monitor_cfgs = yaml.safe_load(stream) multiprocessing.Process.__init__(self) self._config = config self._context = context diff --git a/yardstick/benchmark/scenarios/availability/operation/baseoperation.py b/yardstick/benchmark/scenarios/availability/operation/baseoperation.py index 88ca9e2bb..4c2ce82d9 100644 --- a/yardstick/benchmark/scenarios/availability/operation/baseoperation.py +++ b/yardstick/benchmark/scenarios/availability/operation/baseoperation.py @@ -54,7 +54,7 @@ class BaseOperation(object): def __init__(self, config, context): if not BaseOperation.operation_cfgs: with open(operation_conf_path) as stream: - BaseOperation.operation_cfgs = yaml.load(stream) + BaseOperation.operation_cfgs = yaml.safe_load(stream) self.key = '' self._config = config self._context = context diff --git a/yardstick/benchmark/scenarios/availability/result_checker/baseresultchecker.py b/yardstick/benchmark/scenarios/availability/result_checker/baseresultchecker.py index 1ccd05844..ce34d8be0 100644 --- a/yardstick/benchmark/scenarios/availability/result_checker/baseresultchecker.py +++ b/yardstick/benchmark/scenarios/availability/result_checker/baseresultchecker.py @@ -58,7 +58,7 @@ class BaseResultChecker(object): def __init__(self, config, context): if not BaseResultChecker.resultchecker_cfgs: with open(resultchecker_conf_path) as stream: - BaseResultChecker.resultchecker_cfgs = yaml.load(stream) + BaseResultChecker.resultchecker_cfgs = yaml.safe_load(stream) self.actualResult = object() self.expectedResult = object() self.success = False diff --git a/yardstick/common/template_format.py b/yardstick/common/template_format.py index e1662ced1..98c0a0b3c 100644 --- a/yardstick/common/template_format.py +++ b/yardstick/common/template_format.py @@ -51,6 +51,7 @@ def parse(tmpl_str): tpl = jsonutils.loads(tmpl_str) else: try: + # we already use SafeLoader when constructing special Heat YAML loader class tpl = yaml.load(tmpl_str, Loader=yaml_loader) except yaml.YAMLError as yea: raise ValueError(yea) -- cgit 1.2.3-korg