diff options
author | Corentin LABBE <clabbe@baylibre.com> | 2019-09-03 14:57:37 +0200 |
---|---|---|
committer | Corentin LABBE <clabbe@baylibre.com> | 2019-09-03 14:57:37 +0200 |
commit | 57bfd7462de249be794db3d015e7aa8177891863 (patch) | |
tree | 63f92d5c2c23a1842e65154129d74a26838bc0ce | |
parent | 12aa09489580123698d1f791b01daf8371fa0228 (diff) |
Use yaml safe_load insteald of load
On my gentoo, using yaml.load now give:
Traceback (most recent call last):
raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
RuntimeError: Unsafe load() call disabled by Gentoo. See bug #659348
Note that on recent ubuntu, a warning appears also.
YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
This is due to a security risk of using yaml.load()
Since we didnt rely on any behavour provided by load(), let's convert the call to safe_load().
-rwxr-xr-x | lavalab-gen.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lavalab-gen.py b/lavalab-gen.py index 2346689..c2c5347 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -94,7 +94,7 @@ def usage(): def main(): need_zmq_auth_gen = False fp = open(boards_yaml, "r") - workers = yaml.load(fp) + workers = yaml.safe_load(fp) fp.close() os.mkdir("output") @@ -329,7 +329,7 @@ def main(): else: #master exists fp = open(dockcomposeymlpath, "r") - dockcomp = yaml.load(fp) + dockcomp = yaml.safe_load(fp) fp.close() dockcomp["services"][name] = {} dockcomp["services"][name]["hostname"] = name @@ -524,7 +524,7 @@ def main(): workerdir = "output/%s/%s" % (host, worker_name) dockcomposeymlpath = "output/%s/docker-compose.yml" % host fp = open(dockcomposeymlpath, "r") - dockcomp = yaml.load(fp) + dockcomp = yaml.safe_load(fp) fp.close() device_path = "%s/devices/" % workerdir devices_path = "%s/devices/%s" % (workerdir, worker_name) @@ -680,7 +680,7 @@ def main(): print("Add ser2net ports for %s (%s) %s-%s" % (slave_name, host, ser2net_port_start, ser2net_ports[slave_name])) dockcomposeymlpath = "output/%s/docker-compose.yml" % host fp = open(dockcomposeymlpath, "r") - dockcomp = yaml.load(fp) + dockcomp = yaml.safe_load(fp) fp.close() ser2net_port_max = ser2net_ports[slave_name] - 1 dockcomp["services"][slave_name]["ports"].append("%s-%s:%s-%s" % (ser2net_port_start, ser2net_port_max, ser2net_port_start, ser2net_port_max)) |