diff options
author | Corentin LABBE <clabbe@baylibre.com> | 2019-06-11 09:03:57 +0200 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2019-06-19 16:42:49 +0000 |
commit | 429b3fe9b2f218e7152c59598f369eeb3f79bf29 (patch) | |
tree | 4459aa6a07e131e9ed0b884143be09fd4217d04c /utils | |
parent | e1e33be3287ae953b960c5963a7ece870a006328 (diff) |
utils/job-prereq.py: Use yaml safe_loadhalibut_7.99.3halibut_7.99.2halibut/7.99.3halibut/7.99.27.99.37.99.2
On my gentoo, using yaml.load now give:
Traceback (most recent call last):
File "./utils/job-prereq.py", line 81, in <module>
main()
File "./utils/job-prereq.py", line 66, in main
job_yaml = yaml.load(job)
File "/usr/lib64/python2.7/site-packages/yaml/__init__.py", line 109, in load
raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
RuntimeError: Unsafe load() call disabled by Gentoo. See bug #659348
Note that on recent ubuntu, a warning appears also. (like on AGL jenkins)
/w/workspace/ci-platform-meta-agl-demo-verify-CIBT-qemuarm64/repoclone/releng-scripts/utils/job-prereq.py:66: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
job_yaml = yaml.load(job)
This is due to a security risk of using yaml.load()
Since releng-script does not rely on any behavour provided by load(), let's convert the call to safe_load().
This will also clean/reduce the output of jenkins logs
Change-Id: I6158dcc21c0f7ec4645fb7b16acfaf1a6963cb26
Signed-off-by: Corentin LABBE <clabbe@baylibre.com>
Diffstat (limited to 'utils')
-rwxr-xr-x | utils/job-prereq.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/utils/job-prereq.py b/utils/job-prereq.py index 7f3b7e1..c4c0780 100755 --- a/utils/job-prereq.py +++ b/utils/job-prereq.py @@ -63,7 +63,7 @@ def main(): version=args.build_type[2], machine=args.machine) - job_yaml = yaml.load(job) + job_yaml = yaml.safe_load(job) if args.machine == "qemux86-64" or args.machine == "qemuarm" or args.machine == "qemuarm64": for key in FILE_MAP_QEMU: if getattr(args, key): |