Implements use of yaml.safe_load as per sec audit 11/20911/1
authorLuke Hinds <lukehinds@gmail.com>
Mon, 12 Sep 2016 14:00:27 +0000 (15:00 +0100)
committerLuke Hinds <lukehinds@gmail.com>
Mon, 12 Sep 2016 14:00:27 +0000 (15:00 +0100)
Change-Id: I9b8d9746e8a3beebc1aff9f883dcec39928831d7
Signed-off-by: Luke Hinds <lukehinds@gmail.com>
utils/lab-reconfiguration/reconfigUcsNet.py
utils/test/reporting/functest/reporting-status.py

index 45a72a3..4c08f3d 100755 (executable)
@@ -157,7 +157,7 @@ def read_yaml_file(yamlFile):
     """
     # TODO: add check if vnic templates specified in file exist on UCS
     with open(yamlFile, 'r') as stream:
     """
     # TODO: add check if vnic templates specified in file exist on UCS
     with open(yamlFile, 'r') as stream:
-        return yaml.load(stream)
+        return yaml.safe_load(stream)
 
 
 def set_network(handle=None, yamlFile=None):
 
 
 def set_network(handle=None, yamlFile=None):
index e9e167d..0b80fe4 100755 (executable)
@@ -34,7 +34,7 @@ tempest = tc.TestCase("tempest_smoke_serial", "functest", -1)
 cf = conf.TEST_CONF
 response = requests.get(cf)
 
 cf = conf.TEST_CONF
 response = requests.get(cf)
 
-functest_yaml_config = yaml.load(response.text)
+functest_yaml_config = yaml.safe_load(response.text)
 
 logger.info("*******************************************")
 logger.info("*   Generating reporting scenario status  *")
 
 logger.info("*******************************************")
 logger.info("*   Generating reporting scenario status  *")