From 149d3c385e7a58113ebbcae8d3a2c261aa840b3f Mon Sep 17 00:00:00 2001
From: Luke Hinds <lukehinds@gmail.com>
Date: Mon, 12 Sep 2016 15:00:27 +0100
Subject: [PATCH] Implements use of yaml.safe_load as per sec audit

Change-Id: I9b8d9746e8a3beebc1aff9f883dcec39928831d7
Signed-off-by: Luke Hinds <lukehinds@gmail.com>
---
 utils/lab-reconfiguration/reconfigUcsNet.py       | 2 +-
 utils/test/reporting/functest/reporting-status.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/utils/lab-reconfiguration/reconfigUcsNet.py b/utils/lab-reconfiguration/reconfigUcsNet.py
index 45a72a398..4c08f3dc9 100755
--- a/utils/lab-reconfiguration/reconfigUcsNet.py
+++ b/utils/lab-reconfiguration/reconfigUcsNet.py
@@ -157,7 +157,7 @@ def read_yaml_file(yamlFile):
     """
     # TODO: add check if vnic templates specified in file exist on UCS
     with open(yamlFile, 'r') as stream:
-        return yaml.load(stream)
+        return yaml.safe_load(stream)
 
 
 def set_network(handle=None, yamlFile=None):
diff --git a/utils/test/reporting/functest/reporting-status.py b/utils/test/reporting/functest/reporting-status.py
index e9e167d16..0b80fe49a 100755
--- a/utils/test/reporting/functest/reporting-status.py
+++ b/utils/test/reporting/functest/reporting-status.py
@@ -34,7 +34,7 @@ tempest = tc.TestCase("tempest_smoke_serial", "functest", -1)
 cf = conf.TEST_CONF
 response = requests.get(cf)
 
-functest_yaml_config = yaml.load(response.text)
+functest_yaml_config = yaml.safe_load(response.text)
 
 logger.info("*******************************************")
 logger.info("*   Generating reporting scenario status  *")
-- 
2.16.6