From e0c08457cb969f2845ac8a9d819db204d63c1411 Mon Sep 17 00:00:00 2001
From: Robin Schneider
Date: Tue, 21 Feb 2017 22:14:36 +0100
Subject: [PATCH] Fix code execution vulnerability by switching to yaml.safe_load

Ref: https://github.com/yaml/pyyaml/issues/5
---
 lib/ansiblereview/examples/standards.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/ansiblereview/examples/standards.py b/lib/ansiblereview/examples/standards.py
index 4e34f0e..3886722 100644
--- a/lib/ansiblereview/examples/standards.py
+++ b/lib/ansiblereview/examples/standards.py
@@ -34,7 +34,7 @@ def rolesfile_contains_scm_in_src(candidate, settings):
 def files_should_have_actual_content(candidate, settings):
 errors = []
 with codecs.open(candidate.path, mode='rb', encoding='utf-8') as f:
- content = yaml.load(f.read())
+ content = yaml.safe_load(f.read())
 if not content:
 errors = [Error(None, "%s appears to have no useful content" % candidate)]
 return Result(candidate.path, errors)
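Review bot: `yaml.safe_load(f.read())` in `files_should_have_actual_content` can still raise `yaml.YAMLError`, and nothing in the hunk catches it. With the safe loader a document carrying a `!!python/...` tag is rejected with a ConstructorError instead of being constructed, so a malformed or hostile file would abort this check rather than show up as a finding, unless a caller outside the hunk handles the exception. Catching the exception and returning it as an `Error` keeps the review running and makes the rejected file visible in the results. The diffstat covers only this one call, so any other `yaml.load` on reviewed files elsewhere in the package would need the same switch.

```python
def files_should_have_actual_content(candidate, settings):
    # … unchanged: errors = [] …
    with codecs.open(candidate.path, mode='rb', encoding='utf-8') as f:
        try:
            content = yaml.safe_load(f.read())
        except yaml.YAMLError as exc:
            # Syntax errors and tags the safe loader refuses become a finding.
            return Result(candidate.path, [Error(
                None, "%s could not be parsed as YAML: %s" % (candidate, exc))])
    # … unchanged: empty-content check and return Result(...) …
```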