Project

Profile

Help

Send by e-mail

Issue #2290

Use yaml.load instead of yaml.safe_load

Added by pcreech over 5 years ago. Updated about 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
3.0.0
Start date:
Due date:
Estimated time:
Severity:
1. Low
Version:
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Easy Fix
Sprint:
Quarter:

Description

In the new 3.0 config loading mechanism, we load the yaml file using yaml.load. This is unsafe, as this can end up runing functions while loading the yaml file.

Using yaml.safe_load will prevent this

Associated revisions

Revision 310ef94f View on GitHub
Added by pcreech over 5 years ago

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

Revision 310ef94f View on GitHub
Added by pcreech over 5 years ago

Use yaml.safe_load instead of yaml.load

Use yaml.safe_load instead of yaml.load, as yaml.load is dangerous

Look at http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more info

closes #2290

History

#1 Updated by pcreech over 5 years ago

  • Status changed from NEW to POST

#2 Updated by pcreech over 5 years ago

  • Status changed from POST to MODIFIED

#3 Updated by daviddavis almost 3 years ago

  • Sprint/Milestone set to 3.0.0

#4 Updated by bmbouter almost 3 years ago

  • Tags deleted (Pulp 3)

#5 Updated by bmbouter about 2 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Send by e-mail

Also available in: Atom PDF