Browse Source

Use yaml.safe_load() instead of yaml.load()

According to Bandit yaml.safe_load() should be used instead of
yaml.load().

Use of unsafe yaml load. Allows instantiation of arbitrary objects.
Consider yaml.safe_load().

Change-Id: I7dd536c61ff53bf0b07cf4681df64fbec99140b6
changes/80/158680/1
Christian Berendt 6 years ago
parent
commit
d124f83643
1 changed files with 1 additions and 1 deletions
  1. +1
    -1
      cleanup/retf/retf.py

+ 1
- 1
cleanup/retf/retf.py View File

@ -194,7 +194,7 @@ def load_disabled_rules(src):
if src:
try:
listing = yaml.load(open(src))
listing = yaml.safe_load(open(src))
for rule in listing:
logger.debug("Rule '%s' is disabled.", rule)


Loading…
Cancel
Save