Project

Profile

Help

Issue #2290

Use yaml.load instead of yaml.safe_load

Added by pcreech over 3 years ago. Updated 5 months ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
Start date:
Due date:
Severity:
1. Low
Version:
Platform Release:
Blocks Release:
OS:
Backwards Incompatible:
No
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Easy Fix
QA Contact:
Complexity:
Smash Test:
Verified:
No
Verification Required:
No
Sprint:

Description

In the new 3.0 config loading mechanism, we load the yaml file using yaml.load. This is unsafe, as this can end up runing functions while loading the yaml file.

Using yaml.safe_load will prevent this

Associated revisions

Revision 310ef94f View on GitHub
Added by pcreech over 3 years ago

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

Revision 310ef94f View on GitHub
Added by pcreech over 3 years ago

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

History

#1 Updated by pcreech over 3 years ago

  • Status changed from NEW to POST

#2 Updated by pcreech over 3 years ago

  • Status changed from POST to MODIFIED

#3 Updated by daviddavis about 1 year ago

  • Sprint/Milestone set to 3.0.0

#4 Updated by bmbouter about 1 year ago

  • Tags deleted (Pulp 3)

#5 Updated by bmbouter 5 months ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Please register to edit this issue

Also available in: Atom PDF